Ask HN: You're building the next Twitter. Do you use social-login?

2 points by theclearytheory ↗ HN
Hey guys,

I'm developing an application that I intend on putting the final nail in the coffin for Twitter... I know, every man and his dog is :) But let's not dive much deeper into my delusions.

My question is very specific.

The application I'm building is initially going to be mobile only (React Native) and will be using firebase as it's database. I intend on launching the app in the New Year, at my alma mater, when the students get back after Christmas.

Now in order to reduce friction for activating new users and getting them into the app as soon as possible, I was intending on having only signup/login via Facebook. Students will likely think of this as no big deal, it's faster and would rather this than have to fill out an email, password, confirm password along with email verification etc.

Not to mention, this would have several additional benefits such as being able to reduce the number of fake accounts and allowing the users to share posts to other existing social media such as FB/Instagram/Twitter. Anything to get the word out and kick start the viral cycle.

However, it's struck me that IF this app is successful, a big if of course, then I will be relying on Facebook for all my userbase authentication, and as a result, they will own my user account data? In a best case scenario, let's say that this becomes a competitor of facebook, couldn't Facebook just shut down my access to their API, I'd be at their mercy right? They could snatch away my whole userbase and shut me down. This is all hypotheticals of course.

Is there any way around this? Should I be looking at creating my own system or relying on just email/password authentication? Instead of having a form of vendor-lockin?

I used to wonder why apps like Yik Yak didn't offer social login, is this the reason why?

Would love to hear your thoughts and suggestions, thank you.

2 comments

[ 2.9 ms ] story [ 7.7 ms ] thread
What if you used social login from firebase and then requested for their email address afterwards?
Don't swim with the sharks little tadpole.