Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Are you thinking the tricky part here is in handling password resets? Because otherwise I've had an easier time with straightforward username+bcrypt(password) in-house versus reliably implementing OAuth2/OpenID/whatever, which has some sharp edges of its own.


Agree with that. Honestly signup/login is not that hard to implement right, even from scratch.

Also I don’t want FB/Google to know what I login to if I can avoid it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: