no. what's amazing is that a bunch of people who supposedly care about such basic fundamentals like having open protocols always unanimously agree with "the company has an advanced proprietary risk analytics model to decide whether and how you get to log in. we can't talk about it because of security reasons".
well, the article is just wrong but i don't feel like going into the nuances of how identity works with a bunch of zero attention span web devs but i blame UN*X for this situation by making computers too hard to use (both securely and at all) with contraptions like email and PGP. all authentication should be done with public keys. open protocols require solid foundations which include the user being security-competent. you can layer on the "poor old dumb user" stuff on top of that, for example by letting him have a 3rd party company hold his private key. but again, this article is just wrong and scoped into very specific things people like to "debate" while having no clue about the big picture. it's absurd to even imagine that the web meta (a bunch of dot com boomers who don't give a fuck about anything other than going with the flow and creating solutions looking for problems, and knee-jerk solutions to current problems) represents anything about established security engineering literature