> Disclosure: I do not have a password manager<p>Written by someone who writes articles for a tech mag and doesn't use a password manager?<p>Thanks to my use of a password manager for many many years now, I don't know any of my passwords at all. I guess I've already failed. Before we start worrying about BigCo helping us log in, let's at least get the basics correct first.
Interesting read. I think something that bothers me more than trying to remember passwords (I have a system) is when an app or website won't let you see what you've typed! It's so easy to make a typo, especially on a phone and nothing infuriates me more than that "wrong password" message popping up when I can't even view what letters/numbers I've typed in before hitting enter.
If your face becomes your password, what happens if you are in an accident and get a broken nose, lose a couple of teeth, and get some stitches? Will you be locked out until you heal? If there’s permanent damage to your facial structure, how do you “reset your password”? (I will admit I have not done a thorough survey of the existing literature; I’m guessing others have thought of this problem and it has long since been solved.)
Will a ‘passwordless future’ gain traction though? I keep hearing the term ‘passwordless’ but right now it’s a niche thing with only techie types early adopting it. I own a Yubikey and use WebAuthn where it’s supported. But only some services support WebAuthn. For this to take off it needs to be ubiquitous and widely supported. Also this article says people won’t be locked out, but if you lose your Yubikey you need some recovery mechanism in place, and not all services support a ‘recovery code’ option meaning you have to contact support, verify your identity with a passport scan and other KYC checks.
Blocked by a pay wall, here’s a web archive link:<p><a href="https://web.archive.org/web/20220525180921/https://www.wired.com/story/in-memoriam-forgetting-passwords/" rel="nofollow">https://web.archive.org/web/20220525180921/https://www.wired...</a>
Let's just get rid of user accounts altogether. We started wanting to get rid of emails then got insecure about our passwords...all in the quest of anonymity and security.<p>99% of us don't get hacked. 99% of us are ignored by everyone in the world. But we care about our privacy nonetheless. And we care because all these services are after data they don't need at all.<p>It's so annoying when during sign up for a service you are asked to provide company name, country, phone number, email, full name, date of birth, password etc. Does a reality exist where I just won't have to sign up at all?<p>Accounts are portals into the always connected digital world. In effect their only use is to connect a piece of information to you. Is it impossible to do that in a completely anonymous way?