this post was submitted on 17 Mar 2025
106 points (100.0% liked)

Fediverse

32034 readers
1544 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
106
A "Sign in with fediverse" button? (lemm.ee)
submitted 1 week ago* (last edited 1 week ago) by [email protected] to c/[email protected]
46 comments fedilink hide all child comments
 

Just like apps and websites implement "Sign in with Apple" and Google couldn't we build some kind of federated authentication provider? Then everyone creates an account there and fedi apps can implement an easy way to authenticate users. Even non fedi apps could use it. I imagine user interaction between different fediverse platforms would be much easier too.

I guess could run an auth instance. Ideally everyone would run their own, keeping your data safe.

Is there something likes this already? Saw some discussion here but not much else https://socialhub.activitypub.rocks/t/single-sign-on-for-fediverse/712

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 week ago (1 children)

please correct me if i'm wrong on this. lots of people here saying that it's not practical because we would have to trust tiny instances that may be malicious. however, what if we make user's identity provable to anyone, simply by the use of logic? suppose we have a way of generating random proof-theorem pairs (for example, the theorems could be something like "the largest proper factor of n is greater than some m, where m and n are some huuuuuge numbers and n is semiprime", the proofs could be constructive). we let the identity be the theorem and the password be the proof. hence, anyone is able to verify the indentity by the use of a theorem prover like Agda

[–] [email protected] 3 points 1 week ago (1 children)

Congrats you just invented passkeys

[–] [email protected] 1 points 1 week ago (1 children)

why can't we use passkeys instead of passwords though? is it just a matter of convenience? if so, maybe there is a way to determine a passkey from a password?

[–] [email protected] 1 points 1 week ago

We can, passkeys are being adopted all over the web. If you specifically mean for Lemmy or fediverse services, it’s probably just a matter of adding support. It isn’t hard, per se, but it is important to get it right.

You can store passkeys in a password manager like BitWarden and they become portable. Then it doesn’t matter if you have a centralized authentication server. You just get logged in with your passkey, supplied by your password manager.