tootbrute

oidc, saml, ldap etc, etc....yes, i'm researching authentication again. scary stuff.

again, shout out to #yunohost that does all this stuff by default. i always say this --- authentication is the hardest part of self-hosting.

Jun 17 at 6:45amWeb
Show threadtootbrute1d ago
ok no excuse. just looking for a NixOS tutorial of one of these things...like authelia or authentik.
Show threadIrgndSonDepp1d ago
@tootbrute great, now I have "we didn't start the fire" stuck in my head. 🤣
Show threadJak2k 🏳️‍🌈1d ago

@tootbrute Pocket-ID is awesome! It's super easy to set up, lightweight and uses passkeys.

I used to run authentik and it was very heavy and slow.

Show threadtootbrute1d ago
@jak2k hmm passkeys? i don't even understand those. can't get my normie family and such to deal with that. does look pretty spiffy though.
Show threadJak2k 🏳️‍🌈22h ago

@tootbrute They work like Yubikeys but are software built-into all mobile OSes and most password managers by now.

Shouldn't be much more complicated than touching the fingerprint sensor. I have to click the a button in Pocket-ID, then a passkey app selector comes up, I select one, it triggers a fingerprint auth with Android and the next moment I'm in. iOS works the same.

Show threadtootbrute22h ago
@jak2k so linked to a particular device. nope. doesn't sound better than passwords.
Show threadJak2k 🏳️‍🌈15h ago
@tootbrute I use KeePass clients on all my devices that support passkeys.