Just like apps and websites implement “Sign in with Apple” and Google couldn’t we build some kind of federated authentication provider? Then everyone creates an account there and fedi apps can implement an easy way to authenticate users. Even non fedi apps could use it. I imagine user interaction between different fediverse platforms would be much easier too.

I guess could run an auth instance. Ideally everyone would run their own, keeping your data safe.

Is there something likes this already? Saw some discussion here but not much else https://socialhub.activitypub.rocks/t/single-sign-on-for-fediverse/712

  • Saleh@feddit.org
    link
    fedilink
    English
    arrow-up
    13
    ·
    11 hours ago

    Yeah, also if the one login gets compromised, oh boy…

    Anecdote time. My first e-mail account got hacked. I still had my Steam account attached to it. Now i have a VAC Ban in CS2 because some chinese kid used it for hacking ingame.

    • tomatol@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      2
      ·
      10 hours ago

      Your password manager’s login can also get compromised

      • 4am@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        8 hours ago

        So we should make a remote single point of failure, maintained by someone who probably isn’t a security expert or working on it full time?

        No, this is unfortunately the opposite of what we should be doing.

        • tomatol@lemm.eeOP
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          7 hours ago

          Not a single point but multiple points. Anyway I’m not gonna pretend I’m an expert in security! I just think it’s a feature worth exploring.