drop social authentication #3837
Comments
|
Switching to email/password or Medium authentication, or drop all social network links? |
|
The proposal here is that we no longer allow people to use Facebook, Twitter, etc. to sign in to Gratipay. I think it's fine to support linking social accounts to one's Gratipay profile once you're signed in, but we'd only accept email to sign in. |
ghost
mentioned this issue
|
|
|
(Anyone willing to implement password auth in Gratipay might want to take a look at how it's done in Liberapay: authentication.py, participant.py, etc.) |
|
I would recommend using bcrypt instead of PBKDF2 for password hashing, because the latter can be better accelerated with GPUs. There is a well maintained implementation of bcrypt by PyCA: https://github.com/pyca/bcrypt. |
|
@rohitpaulk is -1
|
Reticketed from #1052 and #3604.
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.
The text was updated successfully, but these errors were encountered: