This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
my question : which login method you advise me to use? the first one is complicated requiring an embedded browser and server but seems powerful . the second method is simple but probably my users will feel their login is not secure because i'll be asking them to input their google username and password even-though i'll not store them.
can you advise me which option to use for my desktop application, and mention the pros and cons of both authentication methods mentioned above?
my second question is : will it be safe if i encrypt the google "access_token" and store it in user hard disk? will this pose any security risks?