Password managers are best practice, but they are a reaction to the failures of passwords, rather than an attempt to replace passwords with a better proposal.

* Password managers are good but inadequate as a solution because, at present, only a motivated subset of any given number of users are likely to make use of them. Do we want a solution that works well for all or nearly all users? Or will we simply settle for a solution that protects only ourselves?

At present, password managers are often third-party luxuries even though they are indispensable for basically every person. In truth, they are essential enough that standardized API hooks for password managers really ought to be baked into every consumer OS, and if we are serious about protecting users in a world where 86% of passwords are terrible, users should have to explicitly opt out of using a password manager. The only choices most users should be making are:

* whether to use a default or nominated password manager,
* what physical tokens / 2FA approaches they want to use,
* and whether they want their credentials to be stored in the cloud (convenient) or only ever stored locally (more secure, credential transfer fully under control of users).

Sites / applications / etc. requesting credentials should really provoke a standardized credential request UI on the OS, not have bespoke credential dialogues in a thousand different designs and approaches bleeding all over the internet. The choice to have a distinct credential per site should not be a choice offered to most humans, because most humans will always make the wrong choice.