#aaronpksomeone has to have an api key with github to use github login. That person is then responsible for maintaining it and also takes on the risk of someone abusing it. So requiring that someone who's using it establish some relationship is appropriate