I don't think that should be a stumbling block. Ideally, we are all using nsecbunker (or a variant) without event knowing it. When a user clicks "Sign in with Google" 99% of them have no idea what is going on, but it just works. Like OAuth providers, there will be nsecbunker providers, and some technical folks may choose to roll their own. But for most users, they just have the simple experience that they have grown accustomed to.