There seems to be a number of techniques to authenticate a person on the web. Most commonly there are
- Javascript Pop-ups (Google, Firefox Persona, Disqus, etc)
- HTTP Redirects (OAuth, Facebook)
- IFrames, with sandboxing set as needed.
Question
Is one approach more secure than the others? What are the tradeoffs?
Come to think of it, I think Facebook may offer both OAuth Redirects and a JS based popup.