Managing usernames and passwords in-house is so 2020
Blog post from Tailscale
In a discussion with Ben Thompson of Stratechery, Tailscale CEO Avery Pennarun argues for outsourcing authentication in modern apps, highlighting the inefficiency and security risks of managing usernames and passwords in-house. He points out that open standards like OpenID, OAuth, and OIDC have transformed authentication by allowing users to log into multiple services with a single identity, reducing the need for each service to create its own login system. Professionally managed identity providers (IdPs) offer enhanced security, seamless user experiences, and simplified account recovery, which most companies cannot match. Despite concerns about centralization, he likens these IdPs to high-security vaults that provide superior protection and reliability. Pennarun introduces Tailscale's tsidp, an open-source OIDC server, which allows companies to maintain control over their authentication policies while leveraging the security expertise of major identity providers. He emphasizes the benefits of focusing on core competencies, suggesting that companies should let specialists handle authentication to improve security and efficiency.