I’ve been thinking about a feature that might improve account security with regards to logging in to Lemmy apps. Currently there’s a lot of new apps being developed for Lemmy and I’m a bit hesitant to log in with my main account so I use a separate account for testing. Not that I don’t trust the developers but I think there’s some security risk with providing your username and password to any random app that could use it in the wrong way either intentionally or not (due to a bug).
So my suggestion is to add a new feature to the account settings page on the web server/instance that allows you to setup a secondary password (maybe as a sub-account) with separate/custom permissions. This secondary account/password would be used for logging in to apps (or even on the main server web page) instead of using your main account/password.
For example, you could change the permissions for the secondary account to only allow creating new posts/comments and vote, but to deny deleting posts/comments, changing the password or email address or to delete your account (you would have to log in with the main account/password on the web server to be able to perform those actions).
This would reduce the risk of someone taking over your account if the secondary password is leaked for example.
What do you think?