To be clear, looking to hear whats your preferred authentication method as an end-user (not as a developer).<p>Example:<p>Phone Number
Gmail
Social (fb, linkedin, github etc)<p>Sorry, if there is already a discussion around this. Feel free to link me.
login-id + password<p>Random websites simply <i>do not</i> get my phone number (and if they persist, they often receive 123-456-7890 which quiets them down). I do not use gmail (and random websites would not get it if I did). I also do not use fb/linkedin, but even if I did, random websites also would not get that information either. Do have a github account, but again, random websites will not receive that information either.
I second everything that pwg said[0]. Why should I give a random website information? There has to be an exchange, and it has to be fair. Do they provide enough value for me to give them information?<p>Rarely.<p>Do they <i>need</i> the information to perform the service they are offering?<p>Rarely.<p>For me, login-in / password. If they're asking for more then it had better be obvious from the start that it's worth the trade.<p>[0] <a href="https://news.ycombinator.com/item?id=22771460" rel="nofollow">https://news.ycombinator.com/item?id=22771460</a>
For HTTP(S) stuff, HTTP authentication (basic or digest auth). However, better would be to use SASL (which is usable with many protocols, although I think HTTP(S) unfortunately doesn't), and then from that to have some sort of SASL method which allows decentralized authentication like OpenID but does not require a web browser.<p>What I hate is using a telephone number (I don't want them to call me on the telephone, and other people in my house might use the same service so then that won't work so well!), Gmail (I don't use it), GitHub (again I don't use it), Facebook (again I don't use it), etc.