[Seaside] Re: Seaside authentication/login/user account package

Tony Fleig tony.fleig at gmail.com
Mon Jan 31 19:25:18 UTC 2011


I agree that many would probably fund it useful to have additional
login options such as via Facebook, Twitter, Google, etc. I'll add
that to my list of requested features. There is a fair amount of work
still needed just to refactor the existing code base that I need to
complete before adding any new features though...

Of course I built TFLogin primarily because I needed the functionality
myself and I am generally against the use of consolidated logins (see
http://forum.world.st/authentication-for-seaside-td3166481.html#a3167165.)

Here are excerpts from the above-referenced email:

Entrusting the security of all your on-line accounts to a single
entity, be it Facebook, Twitter, or a national government provides a
single point of failure for the security of the associated accounts.
This is the same reason why using the same password for multiple
accounts is ill-advised.

I understand keeping track of many passwords is inconvenient and just
automatically using one's Facebook login at another site is very
convenient. Convenience is also the reason why people use the word
"password" as their password. I, personally, would not use automatic
Facebook or Twitter login for any but my insecure accounts -- and
those are almost by definition, the accounts that are not very
important to me.

I have three friends whose on-line accounts were compromised and who
lost significant amounts of money and suffered months of continued
problems recovering from identity theft. These were not rich people.
This does happen.

I think there is still a place for per-site login and security,
inconvenient as it may be.

(I use http://www.husharoo.com to maintain my secret stuff.)

Regards,
TF




On Mon, Jan 31, 2011 at 2:53 AM, Geert Claes <geert.wl.claes at gmail.com> wrote:
>
> Nice!
>
> How about also adding support for the user to login using Facebook, Google,
> Yahoo, Twitter etc you see often on web applications these days?
> --
> View this message in context: http://forum.world.st/Seaside-authentication-login-user-account-package-tp3178309p3248474.html
> Sent from the Seaside General mailing list archive at Nabble.com.
> _______________________________________________
> seaside mailing list
> seaside at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside


More information about the seaside mailing list