
282 points bundie | 1 comments
yodon No.44382371
Pretty sure auth is not something I want a self-taught dev (or even most CS-graduate devs) writing.

OAuth2, JWTs, hashes, timestamps, validations, and such, are all totally simple until they're not. The black hats have way more experience and way more time invested in this space than most any normal dev.

1. phendrenad2 No.44459701
I consider it a red flag when people say this. Security is everybody's responsibility, and if you can't implement, say, OAuth2, something that has a clear specification and dozens of implementations to learn from on GitHub, then I can't trust you to handle the day-to-day freeform work.