2
h4xx3r
6y

What's your thought on multi-login systems?(your own or Facebook\Google\etc.)

It's worth dealing with it?
The user base of external logins is bigger than your own?
If you've programmed external login support, how've you found the experience?

Comments
  • 1
    I implemented a multi-login system.

    Here some issues I encountered:

    - You have to update your code when provider API changes (Facebook deprecated some settings and suddenly nothing was working anymore);

    - Users are really dumb and think all is working by magic. Allowing them to use multiple identities will increase your helpdesk work. For example, I received several requests asking "Hey, I'm Mr. X, I registered with Facebook last year, now I'm trying to login with Google, but I don't see my old data! WHY? I NEED MY DATA NOW!". The answer should be: "Hi, idiot, you registered with two different accounts, which have also two different email addresses. How the hell can the system know that the two accounts belong the same person? Best regards, motherfucker."

    - I'm always asking myself if the code I've written is secure enough.

    So, summarizing, if you don't really need it, I don't reccomend to implement it.
  • 1
    Consider also that you could try some existing solutions, like this: https://auth0.com/ (I didn't try it)
  • 2
    It's a hassle to implement sometimes, but you'll get more traction. People sign up faster with "sign in with facebook" than manually entering their username, email, password,.. etc.

    Depends on your application/site ofcourse.

    Like previous comment. If the third-party changed something, you'll need to uodate as well. Sometimes it's minor, but it could also be a mayor change. (And you won't always know until a user reports it, that it doesn't work)
Add Comment