I moved away from using popular services to log into third-party sites.
The said applications typically want to know more than what they deserve (for e.g. ABC wants access to Contacts but the problem was that ABC was just a feed reader)
Any security vulnerability while sharing a service like Google can be catastrophic since Google is all-powerful - thanks to my phone
If my password for a popular service (e.g. Google) gets compromised, I would never want access to all my other apps to get compromised
So, it was back to password managers for me. I can use different passwords for different applications. And, everything stays encrypted + 2FA secured.
I understand that I risk security if my master password or become a target for SIM jacking - but risks come bundled with compromises and ease-of-use :)
Totally agree! I’m also currently using Bitwarden to manage my passwords because of the lack of a trustful Identity Provider.
What do you think if we have an Identity Provider that:
requires websites to explain why do they need special permission (like having access to contacts) and allows users to opt-out easily
open source the code so anyone can freely audit and therefore security issues are fixed earlier
SimpleLogin wants to be this Identity Provider that people can trust, both in terms of security and privacy. If you have any idea what’s missing to make you change your mind (ie not creating accounts for every service) please let me know!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I moved away from using popular services to log into third-party sites.
So, it was back to password managers for me. I can use different passwords for different applications. And, everything stays encrypted + 2FA secured.
I understand that I risk security if my master password or become a target for SIM jacking - but risks come bundled with compromises and ease-of-use :)
Totally agree! I’m also currently using Bitwarden to manage my passwords because of the lack of a trustful Identity Provider.
What do you think if we have an Identity Provider that:
SimpleLogin wants to be this Identity Provider that people can trust, both in terms of security and privacy. If you have any idea what’s missing to make you change your mind (ie not creating accounts for every service) please let me know!