To add on to this, might it be possible to add a little discord icon somewhere on the user panel beside posts that copies the users discord to the clipboard? This would make it easier to add people and avoid impersonation.Title says it all![]()
I'm confused by your video? Its just you cutting "name#0000 from a text box.
Why should this be added?
To add on to this, might it be possible to add a little discord icon somewhere on the user panel beside posts that copies the users discord to the clipboard? This would make it easier to add people and avoid impersonation.
Do you mean to tell me that all discord bot devs and web devs integrating with Discord OAuth have lied to me about it being the most convenient and secure way for a user to access the contents of a platform that I'm commissioning them for?Unlike Google, Discord does not provide much account security
Adding login with Discord would really just be for user convince. Unlike Google, Discord does not provide much account security and many individuals have their accounts get banned from the service.
If members develop a habit of logging in with Discord and suddenly Discord becomes unavailable, they simply will not be able to login if they forget their login credentials such as in the case they change devices and don't transfer it. The worst part is that once it is implemented, we cannot as easily remove it.
And really...I doubt too many people use the web version of Discord, so they would not already be logged into Discord unlike with Google, so it might even make it harder to login for some individuals.
If we were based on a Discord server, I'd support it, but for us, it does not make much sense.
Do you mean to tell me that all discord bot devs and web devs integrating with Discord OAuth have lied to me about it being the most convenient and secure way for a user to access the contents of a platform that I'm commissioning them for?
Depends on your platform. In the long-term, if your users are likely to migrate off of Discord or you are not based on it, then you might not want to rely on Discord for authentication, especially with the chance that user accounts get banned, deleted or if Discord itself goes down as it regularly does. It would certainly cause some issues for account recovery without the Discord account and you might be left without 2FA to verify users because you are likely depending on Discord for security entirely. As Discord is not an email provider like Google, they are more likely to get locked out for longer periods of time, especially when say the Discord user is depending on Gmail. Discord does not have a backup email like Gmail either.Do you mean to tell me that all discord bot devs and web devs integrating with Discord OAuth have lied to me about it being the most convenient and secure way for a user to access the contents of a platform that I'm commissioning them for?
As stated above and the horrifying part for me is us being unable to remove Discord authentication once we implement it. If they just create a password after signing up with Discord, they are less likely to remember that password because it is never used and I have witnessed some cases with login with Google even. Their password manager might not register it correctly either.Discord OAuth can be used initially to grab an email address, avatar/profile icon, and a couple of other details that are useful. Then the website would autofill these in an account signup form, and all the user would have to do is create a password to go with it. That way, people can one click login with discord later on, or alternatively use their email and password as well. Best of both worlds.
I agree.Adding login with Discord would really just be for user convince. Unlike Google, Discord does not provide much account security and many individuals have their accounts get banned from the service.
If members develop a habit of logging in with Discord and suddenly Discord becomes unavailable, they simply will not be able to login if they forget their login credentials such as in the case they change devices and don't transfer it. The worst part is that once it is implemented, we cannot as easily remove it.
And really...I doubt too many people use the web version of Discord, so they would not already be logged into Discord unlike with Google, so it might even make it harder to login for some individuals.
If we were based on a Discord server, I'd support it, but for us, it does not make much sense.
