A question about IT security with YunoHost

Hello everyone,

I have a question about IT security with YunoHost and would like to know what you think about it.

Normally, an IT security rule is that you should always choose a different password for each portal, forum, shop and the like. In this context, how do you rate YunoHost’s Single Sign On?

With YunoHost I have exactly ONE password for various APPs. Namely the login to YunoHost. I then have immediate access to all my APPs available there via SSO. And WITHOUT any further security barriers.

For daily use, this is of course very convenient for the user. But also for data thieves.

Or am I missing an important aspect? Is it just the usual balancing act between security and convenience? How do you see it? I’m curious to hear your views on the subject.

Thank you very much and best regards
Tinder


I guess you could wonder the same kind of stuff regarding Google stuff, where they have a single sign-on across YouTube, Gmail, Google Agenda, Google Docs etc. …

Security is a complex matter, and you could somehow argue that having “a different password for each internet service” is bad because, factually, most people do not use password managers and then they write every password on a Post-it or in a notebook they leave on their desk, or they reuse the same password everywhere, which has other drawbacks. At least with single sign-on there’s only one endpoint to secure, not every single service etc. … I’m sort of playing the devil’s advocate here; I don’t have a strong opinion regarding “SSO is better” or “SSO is worse” in terms of security.

With that said, there are definitely improvements that could be made to YunoHost’s current SSO, such as using OIDC/SAML and supporting 2FA. But both of these things are non-trivial for various reasons.

Also yeah, of course everything in security is always a trade-off with other things … the first thing to remember is that security is not a “boolean state” like “XY is secure : true/false”, it’s a process transversal to everything and in particular human habits, convenience, threat models, etc … Also mandatory xkcd


@Aleks Thank you very much for your many thoughts on my question. Yes, in the end this probably also applies to google. Although I don’t use google and I like yunohost much better despite - maybe because of? - the difference in size :wink:

What do you mean by there being only one endpoint, so that not every service has to be secured individually? The APPs are all individual services and could be attacked separately. Especially if the services have to be public in order to be accessible by others from the Internet (such as Nextcloud or Fediverse APPs), all APPs must be secured. Right?

It’s completely ok that there are still a few things to improve at YunoHost. Rome wasn’t built in a day either :slight_smile:

I wonder which course makes more sense in principle. I’m also not clearly in favour of or against SSO. That’s why I thought I’d have to talk to people who are a bit more familiar with SSO than I am.