Nothing is simpler than passwords. But we want something thats both simple and safe. Even for lazy people, tech-unsawy people, and people with bad memory.
What if every pc came with a jubikey-ish reader and every website supported a browser api for it? Probably not jubikey, but something that fit in a wallet like bank cards do (but also was an open tech so that anyone can implement and sell cards). Wouldn’t it be both safer and simpler than passwords? It would take some time to turn around of course but the same was probably the case for https, 2fa, ipv6, and tpm’s.
Those are called smart cards. Traditional smart cards needed centralized management of credentials, but FIDO2 smart cards exist that work like the keys. The reason tokens are more typically USB-based (or NFC) is every PC has USB, but most don’t have smart card readers.
Nothing is simpler than passwords. But we want something thats both simple and safe. Even for lazy people, tech-unsawy people, and people with bad memory.
What if every pc came with a jubikey-ish reader and every website supported a browser api for it? Probably not jubikey, but something that fit in a wallet like bank cards do (but also was an open tech so that anyone can implement and sell cards). Wouldn’t it be both safer and simpler than passwords? It would take some time to turn around of course but the same was probably the case for https, 2fa, ipv6, and tpm’s.
Those are called smart cards. Traditional smart cards needed centralized management of credentials, but FIDO2 smart cards exist that work like the keys. The reason tokens are more typically USB-based (or NFC) is every PC has USB, but most don’t have smart card readers.
Oh yeah… Definitely good IPv6 support everywhere. That really turned around, and we’re not dragging our feet on implementing IPv6 at all 🥲.