On Wed, Jul 12, 2017 at 4:37 PM, Magnus Hagander <magnus@hagander.net> wrote:
On Wed, Jul 12, 2017 at 4:35 PM, Greg Stark <stark@mit.edu> wrote:
On 12 July 2017 at 15:27, Magnus Hagander <magnus@hagander.net> wrote: > > That said, this is not intended to *replace* the username/password login > part, it would be in addition to it.
In that case I think it's actively a bad idea. If people would still have to create another password there's no point and it would contribute to people not wanting to use common auth schemes like this.
They would not have to make another password. It would be possible to create a community account without a password (which would then only be reachable through an oauth login from a supported provider).
If you just have to make a username that's not as bad (though not ideal).