You don’t need JWT anymore

&gt; It’s no secret that the Ethereum login will soon become a user standard and passwords will no longer be needed.<p>That&#x27;s some serious kool-aid that the author has been drinking.<p>Nothing worthwhile in the article, users will be asked in a popup to sign a message they don&#x27;t understand and will click-through anyway, and this hyperbole is applicable anyway only to dApps on Ethereum.<p>The best alternative to JWTs looked like it was going to be <a href="https:&#x2F;&#x2F;tools.ietf.org&#x2F;id&#x2F;draft-paragon-paseto-rfc-00.html" rel="nofollow">https:&#x2F;&#x2F;tools.ietf.org&#x2F;id&#x2F;draft-paragon-paseto-rfc-00.html</a> but the reference implementation and RFC have gone quiet, and these days JWTs are basically OK, the security problems are largely solved by more sensible defaults in most of the common language implementations.

&gt; A simpler way to authenticate users with web3 using signed messages<p>Oh fuck off with this web3 bullsit.

The &#x27;authentication&#x27; they&#x27;ve demonstrated there is completely broken, I hope this isn&#x27;t in production anywhere.