What should it be our authentication system?

[harvic3]

• Passport 👍
• OpenID 🚀
• Other, which one? ❤️

@retamiro what do you think?

[retamiro]

I prefer to have full control, so OpenID with JWKS validating in my view is very simple and functional, as well as being lightweight.

Now Passport you normally depend on third parties for your solution.

If you need to increase the security level, implement 2fa, there is also mtls

[harvic3]

I also like OpenID, and about 2FA, I also think is a very good feature. I also have been thinking about OTP for password (3 minutes of maximum life and deleted it after its use), it means no password in any database.

@retamiro I think we have to plan a meeting to talk about it. Please send me an email.
Yo no hablo Portugués, pero hablo Español, podemos hablar Portuñol, Portugles, Spanglish y lo que salga. 🤣

[retamiro]

I see OTP for specific transaction usage, but I can't see the exclusive single usage of OTP.

Here in Brazil, a very common use of OTP is in banking applications, where certain operations or channels require a short-lived token, normally 2 minutes.

@harvic3
I'm going to send an email so we can talk via teams, discord or others, let's go portunhol huahuahuha