It is not a bad workaround. But given the workaround exists, AUTH isn't achieving anything.

Nonetheless I'll implement it simply because it is easier to change my code than to change other people's thinking.