I am in the process of releasing my webapp which requires users to login to my app first and create profile but instead of using the own login functionality i am only relying on OAuth and i am allowing users to login with Google/FB/Microsoft/GitHub/Linked-In. Only information i want is their email address (and optionally First & Last name). I am also displaying what information is received from respective provider.<p>My reason for not implementing my own login is it may not be as secure as the biggies in the business, i don't have to deal with the mess of activation/reset password thing, OAuth is fairly simple and less complicated to implement.<p>I signup to other sites using OAuth just to avoid remembering another user/pass, but do you think its a good idea to completely rely on Oauth?<p>I can add the help page link / button to assure user why i am using OAuth but still will it affect the user signups and BTW all services will be free on my site.
Really depends on what your app does/what field it is in (what do other apps in the space do?), and there are nearly always going to be users for which one of the two is not an acceptable solution.<p>For social type stuff, Facebook/Twitter seems quite established, with professional or technical tools I'd be more careful.
Curious if the app really needs login.<p>If it does, I would definitely favor using something well tested rather than trying to invent a new login process.<p>If it does not, I favor reducing the friction for finding users (which is different from the number of email addresses a site can collect) by making giving an email address opt-in.<p>Good luck.
I never use the OAuth option personally. I wouldn't read a help page. I always offer both OAuth and email/password in implementations. I don't find managing my own logins difficult. Having said that, the percentage of users who opt for OAuth is much higher.