Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Indeed, using OAuth everywhere would make the success of such an attack less likely. However, I feel strongly about not letting a single organization act as my identity provider. I don't like putting all eggs in the same basket.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: