[summerlight]

It's more about a fundamental design trade-off rather than removing accidental complexity coming from UX. Currently, most of us delegate the responsibility of identity management (other than memorizing id and password) to one of big-techs, presumably much better at this area than 99% of us. In the fully decentralized world, the burden of proof is now up to users. And they usually don't really care about the best practice for security, privacy and reliability. Technology may improve over time so the equation will get better, but I don't expect this dynamic to change that much.

[christophclarke]

On the other hand, however, the outcomes of a breach are vastly different. An individual who fails to secure their information is liable for only their information. If a "big-tech" is compromised, they are liable for everyone's information.

If users are still unwilling to run their own infra, then that seems like a great opportunity for Identity as a Service. I'd feel much more comfortable handing identity to a firm whose entire business model revolves around securing my information and protecting my privacy rather than a big-tech.

[tudorconstantin]

"I'd feel much more comfortable handing identity to a firm whose entire business model revolves around securing my information and protecting my privacy rather than a big-tech." - in order for that company to be rock solid, trusted by most of the world and with a proven track record of top notch security, would mean that the said company is a big-tech.

I would call okta, auth0 and iWelcome big-tech already, even if they're not FAANG-level big tech yet.

[kory]

This is a great point that I hadn't thought of. Well said.

I'd rather, as a company, risk managing all of my users' identities (vulnerability to a data breach, mitigated by a well-trained security team) than trust my users to manage their own security well and inevitably deal with a mass amount of compromised accounts.

As a user, especially if I'm not technical, I'd have a strong bias towards handing my identity to a team that's spent years studying computer security. Managing my own identity would involve learning a lot about computer security. That would take a lot of time and I'd really have to care about it to do it "right". Regardless, I'd likely get a lot of things wrong, leading to my identity being more insecure than if I had just stored it with someone like Apple.