logoalt Hacker News

sandeepkdtoday at 4:38 PM1 replyview on HN

Unfortunately its a common misconception, it feels easy, however auth is a lot more harder to do it right, specially when it comes to recovery. A simple example, protocol like TOTP (time based OTP) uses the concept of shared secret and almost every implementation stores the secret as it is in their databases


Replies

whalesaladtoday at 5:30 PM

I gotta say, this is not a very strong argument for not doing auth yourself.

show 1 reply