|
|
|
|
|
|
by marknadal
2841 days ago
|
|
|
Yeah, I have no clue what they were smoking when they said this. Mitra @ the Internet Archive, when integrating DWeb ( https://news.ycombinator.com/item?id=17685682 ) and I talked about this. I showed him a cryptographically secure method of having passwords (that keys are not derived from) that allows for password resets (without a server). For a high-level conceptual explanation of this approach, see our 1 minute Cartoon Cryptography animated explainer series: http://gun.js.org/explainers/data/security.html This same method can be used for doing Shamir Secret "recover your account based on your 3 best friends" method, which I believe will be the best UX for most users. This is an already solved problem. |
|
|