this post was submitted on 17 Mar 2025
106 points (100.0% liked)
Fediverse
32124 readers
1453 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to [email protected]!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I mean a federated authentication server that you can host yourself if you want.
I don't understand what you mean about using a password manager, you can still do that. Also your identity is tied to a lemmy instance right now anyway.
My Lemmy instance only owns this account, not secondary accounts on separate websites
Right well I guess your concerns also apply to apple sso, google and sso in general. I don't think it's something you would use but mainstream users might definitely appreciate the feature.
No one should be using any of that. People use that because they don't understand how password managers work.
It sound like this is just not for you then. Yep password managers are not user friendly. Single tap sign in button is. Is it less secure? Probably. You'd still have the option to login regularly.
After all the fediverse is for social media. It should be easy to use for the masses. It also means you won't be storing your bank info in a fediverse app so the damage is not that bad if someone hacks you. Instagram and tiktok accounts get hacked all the time btw and it's not the end of the world.
It doesn't sound like you've used a password manager
Single tap sign in is available in password managers via passkeys.
It is as secure as the service you're using to sign in. What it's not is private.
Again, no one should be using this and we certainly should not be encouraging anyone to use it.
For many of those people, it is a giant problem.
There's no point in using a password manager in your scenario. It's redundant.
It's not, actually. But even if it were I wouldn't create a profile web of accounts that are all linked together by my Lemmy account.
I think I understand the self hosted identity server part, and authenticating with it on different sites. But what is the federated element you're talking about? What would that instance federate, and with whom?
If we're moving into a single sign-on for several federated accounts, that's cool. People have been asking for that for ages! But the identity provider itself wouldn't (need to) be federated for that to work, right?
I'm guessing it would have to federate with whatever platform decides to implement the single sign on feature. Not sure will leave the details to smarter people haha. Hope some day it could be implemented because it would be pretty useful if it can be done in a secure way.
FWIW, you can setup IndieAuth — on its own or as part of the IndieWeb plugin suite for Wordpress. It may not be quite what you're looking for, but it's a step in the right direction?