That is a legitimate concern; however, as of today the usability issues I mentioned are hard, and the use of a system browser doesn’t fully assuage those concerns: for example, unless you use the secure desktop API in Windows, there’s always the possibility of the app having a global keylogger that will intercept the message pump no matter what app is in focus. The main reason for tolerating the usability issues of the system browser on desktop is achieving SSO rather than sheer security (whereas on mobile platforms the security advantages are more substantial).