Personally, as a user I do not want to authenticate through a third-party and give access to my personal informations. I always use an email/password combo and store everything in a password manager. Also, if one account is hacked, my other accounts are safe. Please, give your users a choice (unless its an enterprise, then some restrictions may apply of course). About your question @martmists, check OWASP's cheatsheet about password storage:

This cheat sheet provides guidance on the various areas that need to be considered related to storing passwords. In short:

• Use Argon2id with a minimum configuration of 15 MiB of memory, an iteration count of 2, and 1 degree of parallelism.

• If Argon2id is not available, use bcrypt with a work factor of 10 or more and with a password limit of 72 bytes.

• For legacy systems using scrypt, use a minimum CPU/memory cost parameter of (2^16), a minimum block size of 8 (1024 bytes), and a parallelization parameter of 1.

• If FIPS-140 compliance is required, use PBKDF2 with a work factor of 310,000 or more and set with an internal hash function of HMAC-SHA-256.

• Consider using a pepper to provide additional defense in depth (though alone, it provides no additional secure characteristics).