Eliminate Facebook and Google as ID for AmpliFi.Lan
I would much prefer to (optionally) set up my own account and password instead of Google or Facebook. I do not trust their privacy at all. Using these is lazy and not becoming a quality company. So please change AmpliFi.lan and AmpliFi.com to add a regular log in system.
I to are not to keen on giving Google (just deleted Facebook) to much of my information. I have tried to find out what information Google are able to access when using their signin system, but to no avail. All I have been able to find is what 3rd party can get from Google. Maby someone her can enlighten me @UBNT-Gunars. What meta-data can google read from my sign in? I'm guessing time, location, ip, are there anything else?
+1 from me in Norway.
Just say the word GDPR, are you in control of this data when we must use Google or Facebook from us in EU?
We're planning to add our own SSO as an option. It's the in-house solution from UniFi.
@Øyvind-Thoresen: I think that using these authenticators gives them little additional information. In the case of Google login with Android app, I would assume they already know, and enabling remote access makes no difference from a privacy perspective.
Thank you. Looking forward to the implementation of your own solution.
Just a general reply here (17 years as a web developer/architect): You’re not giving FB or Google any more information than they already have about you. Standards such as OpenID and OAuth exist for one reason: To allow sites to use them for authentication, which is just to prove you are who you say you are. Seventeen years in this business, and I sure as hell trust larger technology firms’ authentication systems much more than I would trust a small company attempting to roll their own solution.
So I’m not really sure what the fuss is about here...Amplifi isn’t giving FB or Google any information, they are just using those companies immense resources for authentication rather than rolling their own. Getting authorization/authentication systems right, from scratch, is incredibly difficult, and incredibly expensive. Quite honestly, I’d rather Amplifi devote those resources to making a better product. This isn’t being lazy, this is called being efficient by using other company’s tried and true authentication systems. These standards exist for a reason, and they are wildly popular for a reason as well.
Just my .000002 cents. Carry on.
For me the problem is remote managing multiple installations.
I am not sure if anything has changed recently, but I originally had to create a separate account for remote managing each installation, and only one login could be used for each installation as well.
Has that improved?
My understanding is that AmpliFi is being added to the Ubiquiti Network Management System app in Q4.
I believe that is the in-house SSO they are referring to.
Since it is part of Ubiquiti it is probably pretty robust.
Bug Bounty BannedThis post is deleted!
@jayson-knight One concern might be having multiple web services / devices relying on a single user/pass combination. Should that get compromised somehow, multiple services / devices are now at risk. Separation of credentials is a good component of overall security.