@raccoon There, now that's an effective tutorial! 😆

@raccoon this is a good meme and all, but is terrible cybersecurity practice

as a programmer, i do NOT want to store your password. that is WAY too easy to do slightly wrong in a way that will leave everyone vulnerable if i ever experience a data breach and is definitely something best left to the professionals, like google and github and whatnot. they let you log in through their website, they store your password using their billions of dollars of infrastructure that they use to keep passwords safe that i do not have, and they pass me an auth token, which if it gets leaked in a data breach, is pretty much useless outside of my website. also, if you want to delete your account from my website, you don't even have to go to my website, you can just log into google's OAuth management system and say "i don't want to be associated with this website anymore" and it'll zap the OAuth key and unless i kept your email address i won't be able to interact with you at all anymore.

@AVincentInSpace @raccoon Whilst I understand it's difficult: I don't care, that is the cost of doing coding on the web.

I'm not letting Google or Facebook have custody over my credentials for other sites. It was already bad enough in December 2024 when my Meta account (*only* used for VR) was locked out for 10 days due to an issue at Meta's end. As a result, my VR headset was an unusable brick.

It's already bad enough that Google are almost as evil as Facebook at scraping your data, and they might potentially lock you out because you're in a new location and don't have your mobile with you.

Microsoft? Trust them a bit more, but if Azure goes down that potentially bricks many sites all at once.

Apple? Look at the example of the 30 year Apple user who had their entire digital Apple existence blocked due to a dodgy gift card.

Things like Discord? They already had a personal details breach of age verification information held by a third party, which they said they didn't store.

@AVincentInSpace @raccoon

"but is terrible cybersecurity practice"

That depends on what I'm trying to protect. If I'm trying to protect my account on your specific webpage then it's not ideal, no, but if I'm trying to protect my overall privacy and identity across the Internet in general, then it's still the best option.

@AVincentInSpace @raccoon

Good point, but storing an automatically-generated one-off password exposes the user very little.

@AVincentInSpace @raccoon You probably (almost certainly) know better than I do in this case, but using Google for all sign-ins arguably breaks the other rule about not using the exact same password for every account. Google passwords have been cracked and in this usage case the cracked G-password would give the cracker access to ALL accounts sharing the G-password.

@AVincentInSpace @raccoon Well, I have good news for you: you don't have to store any password! Hash 'em like state of the art and that's it.

@raccoon If you have ever tried getting your account data deleted from a website, you will find that some make it very difficult, if not impossible.

@raccoon

I am glad that I am not alone. And even better, I am in such distinguished company.

@raccoon I think it is a little bit sad OpenID is not generally accepted anymore. It doesn't make sense to create a separate account everywhere. Using a 3rd-party login service is a good idea IMO. The problem is that the list of accepted identity providers is often very limited. No Fedora or Debian identities.

@raccoon

Why I:

• Run my own MTA (unlimited number of mailbox aliases)
• Hate when sites don't allow <username>+<sorting-key>@<DOMAIN>.<TLD> addresses (when I don't feel like logging in to create a new alias or just want to use one of my throwaway webmail-providers as a registration-recipient)

I use my MTA for registrations that I intend to have more than a "throwaway" interaction-level. I use one of the webmail providers when I don't care about the registered account or that the webmail-provider knows about it.

@raccoon Whenever I find my way to sites like StackOverflow to get an answer, the first thing I see at a corner is a 'please sign into Google'. No, piss off.

@raccoon A new account *every time*

@raccoon On the other hand, a site cannot leak your password if it doesn't have it.