undefined | Better HN

0 pointskemiller20025y ago0 comments

Very true, there are drawbacks to using 3rd party authentication and I think a good (at least) middle ground is to purchase a hosted appliance that handles storage and authentication. Of course if you are a large organization that can hire people who do know what they are doing, you are golden. Sadly, these are not the companies that I generally interact with.

0 comments

2 comments · 2 top-level

t0astbread5y ago

Oh, I think I misunderstood your comment. I thought you were referring to third-party auth specifically.

Another option more on the cheaper side would be a library that handles algorithm selection and migration in a "black box" way. I.e. the public interface is only `db.put(user,newPass)`, `db.compare(user,suppliedPass)` and maybe something like `db.doMaintenance()`. You would need to handle storage yourself in that case but I don't see the downside of this when you are storing your users' data anyways. I'm not aware if such a library exists though.

mooreds5y ago

See also this list of vendors and open source projects (disclaimer, my employer is one):

https://news.ycombinator.com/item?id=25212694

What hosted appliances offerings have you taken a look at?

j / k navigate · click thread line to collapse