I mean, pretending to be someone in another instance, “stealing” the username, is trivial. I see the more likely targets being instance admins or high profile users. Should we worry somewhat about this?

  • PonyOfWar@pawb.social
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    Yes, for sure. While the identity of a user can be checked, nobody is going to do this every time. IMO the simplest solution would be to just always show the instance even if a display name is set.

      • I Cast Fist@programming.devOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        It currently shows: pic, username (or login name@instance), local link to the comment, federated link, language

        Seems like the easiest solution would be to always show the user’s instance in a separated column