Hacker News

yodon, last Wednesday at 10:32 PM (7 replies)

Pretty sure auth is not something I want a self-taught dev (or even most CS-graduate devs) writing.

OAuth2, JWTs, hashes, timestamps, validations, and such, are all totally simple until they're not. The black hats have way more experience and way more time invested in this space than most any normal dev.


Replies

tomjakubowski, yesterday at 2:05 AM

Besides being a self-taught developer, Bereket also did at least three years of a university CS program before dropping out to work full-time. Source: his CV.

slashdev, yesterday at 1:52 AM

I don’t know about you, but most everything I know on those subjects is self-taught. University is overrated for computer science.

valenterry, yesterday at 9:02 AM

As soon as a self-taught dev can't write this anymore and auth is fully in the hands of only big corps, I'm pulling the plug.

Yes, a self-taught dev should not write their own hashing algorithms and so on, sure. But if OAuth2 is so complicated and hard to get right (and test), well then maybe the standard isn't so great.

pinkmuffinere, last Wednesday at 11:13 PM

> The black hats have way more experience and way more time invested in this space than most any normal dev.

Surely the black hats you refer to are themselves self-taught? They didn't find a school that would teach them about crime, right? In that case it seems like self-taught can be good enough.

sunrunner, last Wednesday at 11:02 PM

I learnt to program (in a very basic way) before doing the whole paper qualification thing. Am I self-taught? Is that some kind of signifying badge one loses once one gets a 'proper' education? I also know many people _with_ the paper qualification I wouldn't necessarily trust.

Rhetorical questions of course as we all know it's a clickbait title, but perhaps it would be nice for this label to stop being thrown around like it has any real consistent meaning or significance?

vmg12, last Wednesday at 10:53 PM

Auth is really not difficult to write. It's "don't roll your own crypto", not "don't roll your own auth". People need to stop spreading this FUD.
