Just like apps and websites implement “Sign in with Apple” and Google couldn’t we build some kind of federated authentication provider? Then everyone creates an account there and fedi apps can implement an easy way to authenticate users. Even non fedi apps could use it. I imagine user interaction between different fediverse platforms would be much easier too.

I guess could run an auth instance. Ideally everyone would run their own, keeping your data safe.

Is there something likes this already? Saw some discussion here but not much else https://socialhub.activitypub.rocks/t/single-sign-on-for-fediverse/712

  • Captain Aggravated@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    16 hours ago

    It can, but is it likely to? To get my passwords, you’d need my KeePass database itself, which is only stored on computers I own. To unlock my password database, you need my password, which I have not stored digitally anywhere, and you’d need to have the keyfile. Oh which of the hundreds of thousands of files on my system is the keyfile?

    So you’ve gotten my password database open. Critical things like my lynchpin email address and banking accounts just aren’t in there. Those I memorize only. All of the “This would be bad if this got compromised” accounts have 2-factor authentication.

    Compared to breaking into a retailer or bank’s servers and getting hundreds of thousands if not millions of credentials, that’s a lot of effort to get one guy’s Lemmy account deets.