https://nitter.net/axios/status/1712679556375601187

  • Sphere [he/him, they/them]
    ·
    1 year ago

    Was not aware of the latest efforts on MD5, in all honesty; I take back what I said before.

    I agree with everything you said there 100% except the bit about SSO. SSO is great for people working in managed environments (I wish my workplace would make broader use of it, honestly), but expanding it to everyone as a whole creates some serious issues (putting everyone's eggs in the same basket is a security risk, and worse, having a centralized third party notified of every login request totally undermines user privacy).

    • envis10n [he/him]
      ·
      1 year ago

      I don't mean to imply that it should be everywhere, rather it is appealing as an option when the only other option is to roll your own setup.

      It's useful for connected services, orgs, etc. Especially when it comes to easily setting up access controls. But you're right, it's not a solution that should be used everywhere due to the fact that a single point of failure is bad.

      Btw this has been a great discussion and I hope that others reading this might help further the goal of creating a safer internet