How hard is it to implement email verification?
this post was submitted on 19 Jun 2026
477 points (96.1% liked)
Mildly Infuriating
46385 readers
1309 users here now
Home to all things "Mildly Infuriating" Not infuriating, not enraging. Mildly Infuriating. All posts should reflect that. Please post actually infuriating posts to !actually_infuriating@lemmy.world
I want my day mildly ruined, not completely ruined. Please remember to refrain from reposting old content. If you post a post from reddit it is good practice to include a link and credit the OP. I'm not about stealing content!
It's just good to get something in this website for casual viewing whilst refreshing original content is added overtime.
Rules:
1. Be Respectful
Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.
Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.
...
2. No Illegal Content
Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.
That means: -No promoting violence/threats against any individuals
-No CSA content or Revenge Porn
-No sharing private/personal information (Doxxing)
...
3. No Spam
Posting the same post, no matter the intent is against the rules.
-If you have posted content, please refrain from re-posting said content within this community.
-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.
-No posting Scams/Advertisements/Phishing Links/IP Grabbers
-No Bots, Bots will be banned from the community.
...
4. No Porn/Explicit
Content
-Do not post explicit content. Lemmy.World is not the instance for NSFW content.
-Do not post Gore or Shock Content.
...
5. No Enciting Harassment,
Brigading, Doxxing or Witch Hunts
-Do not Brigade other Communities
-No calls to action against other communities/users within Lemmy or outside of Lemmy.
-No Witch Hunts against users/communities.
-No content that harasses members within or outside of the community.
...
6. NSFW should be behind NSFW tags.
-Content that is NSFW should be behind NSFW tags.
-Content that might be distressing should be kept behind NSFW tags.
...
7. Content should match the theme of this community.
-Content should be Mildly infuriating. If your post better fits !Actually_Infuriating put it there.
-The Community !actuallyinfuriating has been born so that's where you should post the big stuff.
...
8. Reposting of Reddit content is permitted, but attribution is not required in any way. No links to Reddit in post body
-If you would like to provide a source link, do so in the comments but not in the post body.
...
...
Also check out:
Partnered Communities:
Reach out to LillianVS for inclusion on the sidebar.
All communities included on the sidebar are to be made in compliance with the instance rules.
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yes, I prefer an Email/password, too, so to depend less on third-parties, and keep it more transparent.
Yet, OAuth/OpenID is significantly easier legally and financially than Email processing (even via outsourced services as MailChimp) and store someone's personal information as Email address in databases, if compared to a social account ID, in long term.
Not only that, but OAuth providers have APIs to get sufficient User information, and regularly actualize, including: Name, Email (yet, by requested/allowed scope only), activity on that social network as posts/channels/followers count etc., which may be a requirement for their Staff/algorithms to determine the priorities for transactions/support and/or security involved.
This right here. I'd rather my email stay the source of truth for auth, but totally sympathize with website owners that don't want to store and protect any sensitive user data (like an email address and password).
I do wish some sites would offer the magic link option if they don't want to keep password hashes. It has problems too, but can be a simple way sometimes.
On some level I know the OAuth flow should be pretty safe. The idea that I have one identity that gets me into multiple sites makes a lot of sense. And I'm already using the same email in most places, so it's not like I'm anonymous anyway.
And yet... I can't convince my paranoia that 'sign in with Google' isn't oversharing. I always worry that authorizing with other sites will give too many permissions to see/alter Google/whatever data, or that clicking it will take me to a fake Google/whatever page where I give away my creds.
Technically, using an email and password is being dependent on more 3rd parties to keep your information safe.
Third parties that are getting one of maybe 6 emails and a unique password?
I'll take my chances.