Hacker News new | past | comments | ask | show | jobs | submit login

As a company, I much rather not deal with passwords, MFA, and password/MFA-reset procedures. That costs money to develop and maintain.

Storing ClientID and ClientSecret for OpenID, or some keys for SAML per customer is much easier, and a lot less risky.

After all, I'm in the business of solving (insert SaaS problem), not in the business of solving authentication.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: