account separation
imagine all your accounts are stored on your computer. it makes sense to organize them with different directories.
but, you wouldn’t want to put your x account inside the google folder; that wouldn’t make sense. it wouldn’t make sense for your spotify account to be inside the facebook folder. what if you forget you’ve done that? where will you look for your spotify account? even worse, what if facebook changes the folder permissions? now you can’t listen to music because of facebook.
for many reasons, i think it’s a lot more efficient to keep everything separate and stay away from conglomerates.
you have to have an email account, and it has to be your identity for the majority of accounts. this can be your single point of failure on the account chain (which should be as short as possible).
emails are decently reliable for the most part. i’d recommend you never get a paid email and try to choose the largest provider that still aligns with some of your values. protonmail is what i use. funnily enough, the only issue i had with them was when i tried their vpn service and ended up getting my email locked. a great example to keep things separate.
oauth
oauth is great technology, but for proving identity, not becoming your identity. and i don’t think you should ever “sign up with x” with a few exceptions. such as if a service is tightly coupled with an oauth provider, and there is a drastic difference in dominance/importance, you’re more than likely good. you probably don’t care much for your discord bot without discord. even this can have pitfalls, though—what if you have multiple discord accounts?
some services take into account the inconvenience of being tied into a provider forever and allow you to “re-base” and switch to something else, such as pure email. but from my experience, it’s clunky at best and impossible at worst (chat-gpt).
password managers
password managers are great; they solve everything “login with x” does while allowing you to keep your account chain small and your password random and unique. you gain a vast amount of security and control. once you’ve been using one for a few years, it feels like magic.
> open a random cloud provider you haven't thought about in 4 years
> instantly know your secure password and associated email/username
> haven't used that email in 2 years? the password manager knows exactly how to access it.
tldr;
don’t add more points of failure to accessing your accounts. always sign up for new services with email or phone only. choose an email provider sensibly, and always use a password manager to generate and store credentials.