Where’s Sign in With Tinder?

On a more serious note, I never understood how you’re supposed to keep track of this.

“Oh, sure, with Doodle, I use my business Microsoft account. With Trello, I don’t; I have an Atlassian account. This app is via Apple.”

RT @Northvein@twitter.com

When did this become normal

🐦🔗: twitter.com/Northvein/status/1


@chucker was just dealing with this and wondering how customer support people who already deal with a lot of forgot-password bs are managing with the massive proliferation of 3rd party sign in (most of which are a choice !! unlike SIWA)

@mood right?

Doot doot

MomAndPop customer support!
— Yes, hello, I can’t sign in
OK, what’s your e-mail address?
— larifari97@gmail.con
OK, and is GMail how you usually sign in?
— ??
When you sign in, do you paste your e-mail, or do you sign in with Google?
— I have Facebook
Oh, you sign in with Facebook?
— ?? Uh I… what?

@chucker with mine it went —

MomAndPop customer support!
— hi, i’m trying to sign in but i forgot to record my password & i’m not getting any emails when i put in [my email] and tap “forgot password!” i’ve checked spam already
OK, there’s no account associated with that email, so…
— ohhhh i must have used .. something.. else. i’ll try things. sorry. this really changed the game for these kinda tickets didn’t it
OK, glad i was able to help! please rate my customer service

@mood I imagine what most people do is click the first logo they’re familiar with… and then everything else is a blur.

@mood I wonder if this opens them up to social engineering, though. They must have some kind of token, and probably more than that, that says “Mood signs in via LinkedIn® Premium”, but if they look that up on the phone call, someone could increase the attack surface

Like, even telling you whether the account exists is already controversial among infosec circles, no?

@chucker it is! i assumed that was a large part of why “forgot password” stopped automatically offering any difference in error messages depending on account status (used to be more common — even thought of as user-friendly — to offer up ‘no account with that name exists’.. i now shudder)

@chucker but yeah like you said, could use this new process to figure out which SSO to target for access to the most other services; other things .. 😭

Sign in to participate in the conversation

Unstoppable shitposting engine.