by caiomassan 1518 days ago
The most underrated crypto thing that people don't discuss enough is that I don't need an email account to interact with web3 apps; I just sign in with MetaMask. If I could do it for every single app around, that would be great.
4 comments

You don't need crypto for that, though; client-side certificates have existed for such use cases for decades now. Companies aren't using them, so nobody knows about them, and therefore browser vendors don't care about the UX, and therefore nobody wants to use them, but that cycle will continue for as long as people don't implement such login methods.

If there was a way for end users to sync webauthn logins, we'd solve this problem without ever resorting to any kind of blockchain whatsoever.

If only browsers had a public/private keychain built in to sign and encrypt messages. Authenticating = sign a message with your private key.
Browsers have mutual TLS auth if you want that type of authentication. The UX is mediocre and MANY tracking websites will ask you to sign in (either out of incompetence or malice) in your regular browsing, but it's definitely possible to use such a system.

Nobody is accepting random self-signed certificates, of course, usually they need to be signed by a CA belonging to the party you're authenticating to, but there's no technical reason why you can't use a random certificate to authenticate with a website, or even modify your browser to add a quick and easy button to generate them on the fly.

Browser vendors have stopped caring about this type of auth and are focusing more on webauthn, which stores a cryptographic token in your device's secure storage (if available) or on the file system. When browsing from a phone, this means it's essentially "sign in with your fingerprint" for websites, which is really cool! You can't easily back those tokens up, though, so you still need something like a recovery email if you don't want your users to lose their accounts when they drop their phones too hard.
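The "sign a message with your private key" login sketched in the two comments above, as an added example (not any commenter's code): an Ed25519 challenge-response server in Go, where each challenge is random, single-use and expiring so a signature captured on the wire cannot be replayed. The user names and the "login-challenge:" prefix are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"time"
)

// Server keeps the public keys it trusts and the challenges it has issued.
// Each challenge is random, single-use and short-lived, so a signature
// captured on the wire cannot be replayed to log in again later.
type Server struct {
	users      map[string]ed25519.PublicKey // username -> registered public key
	challenges map[string]time.Time         // hex(challenge) -> expiry
	ttl        time.Duration
}

func NewServer(ttl time.Duration) *Server {
	return &Server{map[string]ed25519.PublicKey{}, map[string]time.Time{}, ttl}
}

func (s *Server) Register(user string, pub ed25519.PublicKey) { s.users[user] = pub } // sign-up step

// Challenge issues a fresh nonce. The fixed prefix domain-separates the
// message, so a login signature cannot double as a signature over other data.
func (s *Server) Challenge() ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	msg := append([]byte("login-challenge:"), nonce...)
	s.challenges[hex.EncodeToString(msg)] = time.Now().Add(s.ttl)
	return msg, nil
}

// Verify consumes the challenge (even on failure) and checks the client's
// signature, produced with ed25519.Sign(priv, challenge) on the device.
func (s *Server) Verify(user string, challenge, sig []byte) error {
	key := hex.EncodeToString(challenge)
	exp, issued := s.challenges[key]
	delete(s.challenges, key)
	if !issued || time.Now().After(exp) {
		return errors.New("unknown or expired challenge")
	}
	pub, known := s.users[user]
	if !known || !ed25519.Verify(pub, challenge, sig) {
		return errors.New("authentication failed") // same error for both cases
	}
	return nil
}
```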

Why is that better than signing in with google or apple?
What's wrong with a username and password?
Easy to forget login, easy to forget passwd, easy to forget what passwd is attached to some login. Not to mention that nowadays most services ask for second and third factors like email (which has 2 passwds), a phone (which may be lost), or docs (which one may not want to show). Modern cryptography may solve it if webmasters really want it (but for some reason they prefer to collect as much as possible).
These all sound like convenience factors. I don't see why my identity with one provider has to be tied with my identity from another provider at all. Having a crypto wallet (for this purpose) is just certificates with extra steps (quite literally, as it's cryptography).
> Easy to forget login, easy to forget passwd, easy to forget what passwd is attached to some login.

All solved by a password manager.

And being bound to some database? That is... not for everyone.

A password manager is good if it is planned to share all my passwords after my death with my family, for not gifting my funds to some random guys. In every other case it sucks like Sasha Grey (from my lifestyle's point of view, which involves heavy use of random devices, most of which don't even support any passwd mngr).

> In every other case it sucks

It doesn't for basically everything I do, and I have a lot of systems, subscriptions, and profiles to worry about.

> random devices, most of which don't even support any passwd mngr

In the simplest case, 2 things are needed to support a password manager: Network access, and copy-paste.

> In the simplest case, 2 things are needed to support a password manager: Network access, and copy-paste.

All of my mobile devices don't really support JS, so I cannot even input my HN password there without a PC.

Also, I do not believe all of my e-mails which have some accounts with some value on them are still working. At least once I had to re-register an e-mail exactly as the previous one to withdraw some of my funds which were untouchable for a few years :-) So the biggest part of the problem is not on the user's side of the wire, and I am already tired of struggling to formulate such a simple thing using so many sentences.

Network access itself is not necessary for using various password managers, though of course for the majority of use cases you'll require it anyway. But if you e.g. have a journal that is encrypted, you only need copy-paste.
To answer this, ask why you use an SSH key to authenticate with all of your servers.
Not secure enough, prone to easy abuse/workarounds.