On Mon, Oct 8, 2012 at 9:24 AM, goldenmean
I'd suggest for this work flow you'd just send the user back through
to Facebook to be the IDP and never bother with the password locally.
Create a table or similar that links the Facebook identity back to the
Joomla identity and always use the Facebook Connect IDP to
authenticate the user. I agree that providing a password defeats the
purpose, I'd suggest that just storing the link should be sufficient.
And in that case this work is likely not useful for you. Where it
would be useful is securely storing your Facebook app credentials in
the registry so that they're not necessarily sitting out in the open