Phone May Soon Replace Many of Your Passwords

Source: Hacker News

Article note: This is ...exactly the opposite... of what I want out of an auth system. I don't want to delegate auth to a phone, I trust my computers WAY more than my appliances. I don't want to delegate my trust to google or apple as the only players who support the system, and especially not doing "log in with google" so I can get locked out of unrelated accounts if they get in a "your account is deactivated because fuck you" mood or I need to kill an account. Auth is pretty well a solved problem; you use a password manager with a well-documented on-disc format, and you sync your password DB to whichever devices you want to log in from. You don't share credentials to the greatest degree possible so problems with one place don't turn into problems with others. The largest threat to most users isn't their account getting hacked, it's one of the many places they have an account getting hacked or turning malicious.
Comments
This entry was posted in News. Bookmark the permalink.

Leave a Reply

Your email address will not be published.