Namespacing on


The approach I described takes literally 3 seconds using your own preferred “IdP”:

As you see, it comes with “a point-and-click experience with strong authentication (e.g. U2F) and active monitoring for suspicious activity”.

The difference with this approach is that developers can make their own decisions and pick whatever proprietary “IdP” they prefer, including none at all (and use their own domain).


While I’m sure this is all wonderfully intuitive to you, I would not consider that a good user experience for what is fundamentally an access control management tool.

You’re also kind of missing the point re: “active monitoring for suspicious activity”. The kind of interesting authentication and access change events that GitHub monitors for in its own account system are oblivious to changes you’re making in a text file…


At the point were a malicious user has circumvented “active monitoring for suspicious activity” to log into a victim’s account you are in pretty bad shape security-wise anyway.


Docker is an example here. They use namespace for any docker images. So it would be nice if does the same thing.