this post was submitted on 06 Aug 2023
1446 points (99.0% liked)

Announcements

23277 readers
36 users here now

Official announcements from the Lemmy project. Subscribe to this community or add it to your RSS reader in order to be notified about new releases and important updates.

You can also find major news on join-lemmy.org

founded 5 years ago
MODERATORS
 

This is an opportunity for any users, server admins, or interested third parties to ask anything they'd like to @[email protected] and I about Lemmy. This includes its development and future, as well as wider issues relevant to the social media landscape today.

Note: This will be the thread tmrw, so you can use this thread to ask and vote on questions beforehand.

Original Announcement thread

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 11 points 1 year ago (1 children)

Even though they are both fediverse they still are quite different and one of the important differences is that lemmy does not support oauth so apps don’t have that option, as for why all mastodon apps use it: it’s because of the security benefits to the user and (as a lemmy app developer) implementing auth is hard lol

[–] [email protected] 2 points 1 year ago (1 children)

Oh okay, so does that mean that Lemmy is less secure and more prone to outsiders stealing login info, than with Mastodon? I ask as 0auth seems to be quite important based on some of the comments.

[–] [email protected] 3 points 1 year ago (1 children)

It does not mean that lemmy is less secure, but yes, it means that malicious app developers will have a much easier time stealing login credentials because entering them inside the app is already the norm. However this is definitely a feature that can be added so it does not mean anything bad long term

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

Thank you for explaining. :-)

So that would mean that there are no 100% secure Lemmy apps, that do have 0auth or something to ensure that bad developers don't steal login information?

EDIT: Added second part