Protecting Users
In the last post, I walked through the steps I took to authenticate users via email and password, and add them to the database. Everything worked for me and Albatross, but when Finch went to sign up, her browser (Chrome) raised a security flag. I googled the problem and was directed to sign up for Search Console, then used ChatGPT to find further instructions.
Google’s Search Console is an interesting tool, but was not very specific as a diagnostic.
I haven’t implement any additional measures in the user sign up process yet — there are no password length or format requirements, and there’s no CAPTCHA — so I assume that’s the security concern. Firebase handles the user database, and we’re just using dummy data for now, so I’m going to continue building.
I know what Google wants me to do here is use a pass-through system, where users login via their Google/GitHub/Twitter account. But I want to slowly build independence for Rookery, piece by piece.
Safety and security are vital to our product. We’re going to have to build a custom login system, but I have a cybersecurity team to help with that. It can wait for now.
DALL·E prompt: Portrait of an emperor penguin in the style of Élisabeth Louise Vigée Le Brun
