They could make an SSO but who would use it? Proton users make up such a small portion of the web that it wouldn’t be worth the effort and they might as well include 8541705317 other accounts at that point, as far as they’re concerned.
They use SSO because almost everyone already has 1 or more accounts with Google, Amazon, Microsoft, etc.
@helenslunch Nobody uses a good privacy/security focused IdP because one doesn’t exist for consumer / smb besides a small handful (many which you noted).
No, no one uses them for the same reason they don’t use any other privacy/security-focused product: No demand. There’s a small niche of consumers who do care and use products like Proton but it’s an absolutely miniscule fraction of the populace who simply don’t care, or don’t care enough to actually do anything about it.
You mean like something to compete with services like DeleteMe, Incogni and Aura?
I’d be down for that, I’d like it to be included with proton family, that would give me a good reason to bite the bullet and pay the extra money for it.
I think that @theomegabit@infosec.exchange is asking for Proton to become an OAuth/OIDC provider. This would allow you to sign into any service, app, platform, etc. that supports it using your Proton account. Some common providers that are widely supported are Google, Apple, Github, Facebook, and Microsoft.
It is generally considered more secure than using “regular credentials” like username/email and password when using several services. There are a few downsides to this though. One of those downsides is that your OAuth/OIDC provider will have record of all your accounts used through OAuth/OIDC. For example, @theomegabit@infosec.exchange would like to avoid Google knowing about the various services used.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !protonprivacy@lemmy.world
Empowering you to choose a better internet where privacy is the default. Protect yourself online with
Proton Mail, Proton VPN, Proton Calendar, Proton Drive. Proton Pass and SimpleLogin.
Proton Mail is the world’s largest secure email provider. Swiss, end-to-end encrypted, private, and free.
Proton VPN is the world’s only open-source, publicly audited, unlimited and free VPN. Swiss-based, no-ads, and no-logs.
Proton Calendar is the world’s first end-to-end encrypted calendar that allows you to keep your life private.
Proton Drive is a free end-to-end encrypted cloud storage that allows you to securely backup and share your files. It’s open source, publicly audited, and Swiss-based.
Proton Pass Proton Pass is a free and open-source password manager which brings a higher level of security with rigorous end-to-end encryption of all data (including usernames, URLs, notes, and more) and email alias support.
SimpleLogin lets you send and receive emails anonymously via easily-generated unique email aliases.
They could make an SSO but who would use it? Proton users make up such a small portion of the web that it wouldn’t be worth the effort and they might as well include 8541705317 other accounts at that point, as far as they’re concerned.
They use SSO because almost everyone already has 1 or more accounts with Google, Amazon, Microsoft, etc.
@helenslunch Nobody uses a good privacy/security focused IdP because one doesn’t exist for consumer / smb besides a small handful (many which you noted).
No, no one uses them for the same reason they don’t use any other privacy/security-focused product: No demand. There’s a small niche of consumers who do care and use products like Proton but it’s an absolutely miniscule fraction of the populace who simply don’t care, or don’t care enough to actually do anything about it.
You mean like something to compete with services like DeleteMe, Incogni and Aura?
I’d be down for that, I’d like it to be included with proton family, that would give me a good reason to bite the bullet and pay the extra money for it.
I think that @theomegabit@infosec.exchange is asking for Proton to become an OAuth/OIDC provider. This would allow you to sign into any service, app, platform, etc. that supports it using your Proton account. Some common providers that are widely supported are Google, Apple, Github, Facebook, and Microsoft.
It is generally considered more secure than using “regular credentials” like username/email and password when using several services. There are a few downsides to this though. One of those downsides is that your OAuth/OIDC provider will have record of all your accounts used through OAuth/OIDC. For example, @theomegabit@infosec.exchange would like to avoid Google knowing about the various services used.
@theomegabit @protonprivacy Adding @protonmail to get their attention.
@theomegabit @protonprivacy