Just like apps and websites implement “Sign in with Apple” and Google couldn’t we build some kind of federated authentication provider? Then everyone creates an account there and fedi apps can implement an easy way to authenticate users. Even non fedi apps could use it. I imagine user interaction between different fediverse platforms would be much easier too.

I guess could run an auth instance. Ideally everyone would run their own, keeping your data safe.

Is there something likes this already? Saw some discussion here but not much else https://socialhub.activitypub.rocks/t/single-sign-on-for-fediverse/712

  • HiddenTower@lemmy.worldEnglish
    61·
    14 hours ago

    Since I’ve moved to a password manager I find these social logins less useful. Personal opinion.

    • Saleh@feddit.orgEnglish
      14·
      13 hours ago

      Yeah, also if the one login gets compromised, oh boy…

      Anecdote time. My first e-mail account got hacked. I still had my Steam account attached to it. Now i have a VAC Ban in CS2 because some chinese kid used it for hacking ingame.

      • tomatol@lemm.eeOPEnglish
        33·
        12 hours ago

        Your password manager’s login can also get compromised

        • 4am@lemm.eeEnglish
          4·
          10 hours ago

          So we should make a remote single point of failure, maintained by someone who probably isn’t a security expert or working on it full time?

          No, this is unfortunately the opposite of what we should be doing.

          • tomatol@lemm.eeOPEnglish
            11·
            9 hours ago

            Not a single point but multiple points. Anyway I’m not gonna pretend I’m an expert in security! I just think it’s a feature worth exploring.

    • z3r0@lemmy.zipEnglish
      3·
      13 hours ago

      Also doesn’t this comes against the decentralization principles of the fediverse?

        • forrgott@lemm.eeEnglish
          4·
          12 hours ago

          I have a hard time wrapping my head around this one. If you “federate” authentication, wouldn’t that just open it up to bad actors?

          • tomatol@lemm.eeOPEnglish
            21·
            12 hours ago

            Well right now Pixelfed has a sign in with mastodon button for example. Admittedly, I don’t know the details but I don’t think anything is stopping me from running my own mastodon instance just to sign up for Pixelfed.

            I agree it might be a nightmare to manage tho if everyone has their own instance but that would probably not be the case.

    • tomatol@lemm.eeOPEnglish
      1·
      12 hours ago

      I agree but I also thought this could solve things like mentioning a user across platforms for example.