[czei002]

If done right, passwords are a very powerful and universal auth method, i.e. all credentials can be remembered and no third party or auth device are needed (e.g. you are still able to login even when you lost all your belongings while traveling). However, there are problems when reusing passwords and passwords are usually leaked to the remote party when authenticating, e.g. its trivial for a web service to learn what password or password pattern you are using. I am working on an open source project called FejoaAuth where we are working on a secure authentication solution that does not leak the password during login. This allows to reuse a password, e.g. to use a password for authentication and for data encryption. This makes true one password solutions possible. Its an open source project so please get in contact :) https://fejoa.org/fejoapage/auth.html