Social Login

Topics about or relating to the forum itself and how it's run.
Post Reply

Turn on social login?

Poll ended at 26 Oct 2014 11:05

Yes
1
25%
No
3
75%
 
Total votes: 4

User avatar
Allan
Posts: 933
Joined: 30 Aug 2003 20:44
Location: Victoria BC

Social Login

Post by Allan » 28 Jun 2014 11:05

At some point in the not-so-distant future, the software that runs this forum--phpBB--will upgrade to version 3.1 (we're currently running the latest 3.0.12). With this upgrade will come built-in support for a protocol called oAuth. This will allow me to easily integrate "social login" with the forums; you'll be able to tie your modified account to your Facebook/Twitter account. If you're signed into Facebook, you'll be signed into the forums.

A) I have no idea when we'll be able to upgrade to 3.1 as that's up to the developers. They don't develop at a fast pace. This could be (and probably will be) months away.

B) This doesn't (theoretically) mean that Facebook et al. would be able to access your data here. It should be a simple question of login credentials. Read more about oAuth here.

C) This would be entirely optional. You can choose to tie your account with a social provider or not. It would be an option to ease registration of new users, and existing users should be able to click a button and have it work. Or you can just ignore it completely.

D) Before I turn such a feature on, I want to make sure that I've got the support of the membership.

Comments please.

Edit: added a new C option to make it clear this is all totally optional

shred4life
Hack Fiend
Posts: 44
Joined: 23 Jul 2013 22:20
Location: grand rapids, mi

Re: Social Login

Post by shred4life » 28 Jun 2014 11:49

Image
-Vince R

User avatar
Outsider
Ayatollah of Rock n' Rollah
Posts: 1373
Joined: 21 May 2003 21:30
Location: Bridgewater, New Jersey

Re: Social Login

Post by Outsider » 29 Jun 2014 05:54

No thanks!!!

I don't want to be automatically logged-in to anything anywhere ever.

When I want to be on Facebook, I'll log-on to Facebook, and as soon as I'm done with Facebook, I log-off from Facebook.

I do not want the act of logging-on to Facebook to automatically cause me to be logged-in to Modified, and I do not want the act of logging-on to Modified to automatically cause me to be logged-in to Facebook.
"The time has come to convert the unbelievers..."

Jonathan Schneider --- sometimes showers with his Lavers on (to clean them)
The Ministry of Silly Walks
NYFA
BAP

User avatar
Allan
Posts: 933
Joined: 30 Aug 2003 20:44
Location: Victoria BC

Re: Social Login

Post by Allan » 29 Jun 2014 09:00

I'm sorry. I guess I wasn't clear enough. This would be fully optional. Nobody will ever force you to tie your accounts together. It would just be there for those of us that do want it ...

User avatar
Outsider
Ayatollah of Rock n' Rollah
Posts: 1373
Joined: 21 May 2003 21:30
Location: Bridgewater, New Jersey

Re: Social Login

Post by Outsider » 29 Jun 2014 18:33

Well, all right then.
"The time has come to convert the unbelievers..."

Jonathan Schneider --- sometimes showers with his Lavers on (to clean them)
The Ministry of Silly Walks
NYFA
BAP

Muffinman
the gimp
Posts: 10373
Joined: 21 Apr 2002 15:34
Location: Canada
Contact:

Re: Social Login

Post by Muffinman » 29 Jun 2014 21:11

I agree with Jon. I never want any of my online networks to be connected or associated with anything else in any way. But I'm cool with it if it's optional

User avatar
Asmus
Ass Moose
Posts: 3773
Joined: 13 Jun 2004 08:18
Location: Copenhagen
Contact:

Re: Social Login

Post by Asmus » 29 Jun 2014 23:35

Didn't the Heartbleed Case show that linking accounts together is a bad thing? And that you should have unique passwords for all social media sites?

User avatar
Allan
Posts: 933
Joined: 30 Aug 2003 20:44
Location: Victoria BC

Re: Social Login

Post by Allan » 02 Jul 2014 16:43

Just to clarify further: I'm not really meaning to advocate for this very strongly. I've been asked about it by several people over the past few years and have done a surprising amount of work looking for and trying several solutions. This was all pre-Snowden. By now there's a huge backlash against this sort of thing that wouldn't have been there before.

I think that relating heartbleed to this protocol is conflating the issue a bit, but I understand the point (hence my "theoretically" insert in my OP). The having separate passwords for each site (a PITA) is exactly the issue that this protocol tries to solve. You guys should definitely read the oAuth site I linked to above ...

I think this merits a bit more discussion, but I'm off to go shred :) Please keep in mind that this is optional. Please don't vote "no" simply because you personally wouldn't take the option. Giving more people an easier path into the site (and a more persistent login) has the serious potential to increase participation a lot ...

Post Reply