Most people tend to start on Mastodon through the official app, which is simply called “Mastodon” and available on the Apple App Store, Google Play and F-Droid.
However, you don’t need to do this! In fact, you will probably enjoy Mastodon a lot more if you sign up on a server through JoinMastodon.org ⧉ or Fedi.Garden ⧉ and then sign into your account using one of the third party apps listed below, or if you prefer you can use your server’s web app or website.
Official Mastodon apps
Mastodon was originally launched in 2016 and all of its apps were third party. The official app (for Android and iPhone/iPad) was only introduced in 2022 as new people were expecting there to be an official app. However, it was intended just as a beginner’s app and was not meant to replace the third party apps. Third party apps tend to have more and better features than the official app, and most people who try them prefer them.
Because Mastodon uses open technical standards, all apps have equal access to all of Mastodon’s features. The official app has no special advantages or privileges compared to third party apps.
Third party Mastodon apps
There are lots and lots of Mastodon and Fediverse apps out there. The official Mastodon website has a very long list ⧉, but if you just want a few quick simple suggestions here they are:
Mastodon websites and web apps
Mastodon’s official web interface is excellent and well-developed. You can use Mastodon entirely through your server’s website and you can also install your server’s website as a web app on your phone or tablet. The web app works very much like a normal app, including notifications.
The Mastodon web interface is excellent and generally gets the latest features first. It can be used on computer, tablet or phone, and automatically changes to a mobile layout when used on a small screen.
Third party web interfaces
There are also third party web interfaces you can use instead of your server’s official website. You can log in using the same details as you do on your server’s website, but it will work through a different interface.
One of the most popular third party web interfaces is called Elk, however it is still having a lot of bugs ironed out. You can try it at elk.zone ⧉ and if you’re a techy person you can find out more at Elk’s Github page ⧉.
Command line and TUI apps
If you’re a techy person, you can use Mastodon through a CLI or TUI if you prefer.
Retro computer apps
There are (amazingly!) Mastodon apps available for many home computers of the 1980s and 1990s.
What about safety? How safe are third party apps compared to official apps?
Obviously it’s a bad idea to ever install random unknown apps from sources you don’t trust. However, the apps listed on this page are all well-established and recommended on the official Mastodon website’s apps page ⧉ (scroll down past the official apps section).
Also, most of the apps listed are open source so their workings are visible to anyone in the outside world. Any shenanigans in what a widely-used open source app does would be noticed fairly soon by outside observers.
How do apps handle my account password? Do the apps find out what my password is?
The security of your Mastodon account works like this:
- The sign-in process on all apps (including official, third party and web apps) happens through your server’s website, which the app opens in a built-in web browser window. That’s why the sign-in page on apps looks like your server’s website, because it is your server’s website.
- None of the apps listed on this page ever find out your password, all they know is that your server confirmed the password is correct and the server gave the app a special access token so it could work with your account. (Tokens are just a special code that lets apps and servers talk to each other.) That’s why the sign-in process always includes asking you about permissions, it is your server asking if you want to give that app an access token.
- If you don’t want an app to work with your account any more, you can cancel its access token by logging in on your server’s website and going to Preferences > Account > Authorised Apps, then click the Revoke button for the app you want to remove permission from. Revoking will stop that app having any access to your account. (On the mobile website, you may need to click the cog icon ⚙️ and then ☰ in the top right corner to get to the Account section.)
- You can make your account even more secure by enabling two-factor authentication, an extra layer of security which means even if someone found out your password they would still be unable to log into your account.