Sunday, December 23, 2012

Not quite getting the point on trusted third party authentication

I recently learned that a former co-worker is being treated for cancer and has been communicating with friends through Caring Bridge.  So, I went to leave a note in her guest book and was given the option to log in through Facebook Connect or to create a local account.  I opted for the Facebook route (so sue me), and was taken here:


I can see where they may want to allocate local resources, but they don't seem to have quite grasped the delegated authentication thing.  It seems clear to me that there's no benefit to using Facebook to authenticate (unless you see it as a positive to have Caring Bridge post your activities to your wall [incidentally, I always set the visibility of those posts to "me, only"]).

I wonder how common it is to have app developers completely misconstrue the purpose of third-party authentication.

No comments:

Post a Comment