Looking at Medium Authentication and Proper Ways How to Sing Up / Sign In
Having worked in large corporations and start-ups, while struggling to find the perfect balance between UX and the security of various back-end systems, and seeing regular users losing access to various things (including losing crypto) or getting frustrated because of complex authentication processes, it is obvious that the user wants to deal as little as possible with the authentication process when doing job related work or having fun on-line. For that reason, more and more companies prompt the user with messages such us "Sign in with Google" or something similar, while the normal email and password system is left in a corner. This includes Medium.com.
A platform like Medium shouldn’t rely on a middleman for user authentication!
In my view, unless the majority of the users just want to play around and don't care about security, the preferred way to sign in/sign up should be with an email address and here is why:
- You might get banned from social media / gmail and then because of that lose access to all your articles or you might lose access accidentally to your social media or because of some hackers (they are more likely to target your main social media account or gmail account, rather than your medium account);
- You might be from some parts of the world where getting a Gmail/Facebook/Twitter account is difficult because of the status-quo trying to promote its own search engines or social media platforms (in that case, because of the Grate Firewall of the country you are living in, you might need to go trough the pain of getting a VPN).
Nowadays there are a lot more authentication options but, "Sign in with email" is still at the bottom of the list!
I am sure if you sign in with your gmail account, Medium will share your data, not only with all the advertisers they've agreed with, but also share your login data with Google.
Therefore, for those of you who are paranoid about losing access, or care deeply about personal data and have the needed time money & skills, I suggest the following:
1). If you don't have one, buy your own domain & setup your own email address;
2). Go to Medium, Sign In then "No account? Create one" and hit the ✉ option;
3). Use your email address & check the inbox for the medium magic link needed for log in.
OPTIONAL: You can use the domain you already with G Suite so that you and your team can use all the G Suite services, including: Gmail, Calendar, etc. and then sign in with a single click, using the Google option. That way, if you can't get in with "Sign in with Google" anymore, you can get rid of google altogether and put your emails into a regular web-based IMAP email client like Roundcube, then click "Sign in with Email".
The only annoying thing about this is deleting from your Inbox all those magic links :)
It looks hard, but this is how I log in to write here!
