Ask HN: What authentication methods do you prefer?

3 points by avree ↗ HN
I work for a startup called Getaround, where we currently require Facebook for login. We're looking at alternative options, since many users are uncomfortable with using Facebook as their authentication method. Assuming that an actual website account system is out of the question, what auth methods do you prefer? OpenID? Twitter? Google Accounts?

7 comments

[ 6.0 ms ] story [ 26.8 ms ] thread
I use FB, Google accounts but only on sites I trust. If I don't trust the site and there is no classic u/p system then I leave
Why would you sign up on untrusted sites?
There's a difference between "I trust this website with access to my primary online identity" (Google/Facebook) and "I trust this website with a made-up username, one-off password and throwaway email address".
How do you determine whether to trust a site or not?
Why not just use username/password? It sucks in well-known ways and quantities, and usually less than the alternatives.

Just be sure to store the passwords properly (bcrypt or somesuch).

I generate random passwords for every site, I don't like SSO provided by Facebook, Twitter and Google etc, its insecure and places the trust in a single companies hands.

If you don't allow me to register normally (i.e. without a single signon mechanism) I likely won't register.