Are there any third party ways to verify a user to login on a mobile app or should you always store the usernames and passwords yourself. Facebook login is a good way I think but I also wanted to offer a login with email. I know I could hash passwords and whatever for logging in but I would prefer to use an existing resource for this which may be more secure. Thanks.
Google Firebase Authentication AWS Cognito Netlify Identity I think Heroku has an option as well. Pick the one that best aligns with your actual hosting.
I plan on using either aws or firebase thanks for the input
I scaled firebase auth even after ditching every other element of firebase. It’s got some dumb limitations (like you can’t manually verify an email) but you can integrate pretty much anything with custom auth (even something like Okta). Pretty decent for free, esp. for a mobile app with a light backend.
Check out SRP - that's how AWS cognito handles passwords. Or just use cognito, or Auth0
When Hash make sure it's a 1 way hash only. Like Bcrypt
Reversible hash is not a hash by definition.
“Cryptographically strong hash” is not reversible :)
Integrate login with Facebook. They'll take care of it for you.
They’ll make sure to store all your users’ passwords in plain text for you.
OP please don’t contribute to facebook’s enormous wealth of personal data
I’m a fan of Django’s auth system ootb
Node has passportjs you can use
Rails has cancan and devise
Well, what language are you using? Help us help you.