[notsrg]

>Everyone agrees the legacy web auth is broken

Only web3 enthusiasts with a solution in search of a problem agree with this. Auth has been a solved problem for years. Use a password manager. No need for blockchain nonsense. Next.

[birracerveza]

>Auth has been a solved problem for years.

Only web3 detractors with an allergy to blockchains agree with this.

You can mitigate the risks by using a password manager, but you can't argue that it's a solid system, come on now. You still have to trust websites to actually properly handle your credentials, and then hope for the best. Even with a password manager.

>Use a password manager.

If I need to use an external application to actually properly use the system, I might as well have that application use an actual proper system in the first place (public key cryptography), especially if that application also acts as your online de facto identity that only requires you to remember 12 words to access from anywhere.

>No need for blockchain nonsense.

Doesn't use blockchain. Next.

[lgessler]

I'm bear on web3 but you can't seriously say that with a straight face. The average person doesn't, won't, and in a way can't use a password manager, and measures like 2FA which mitigate weak password security still yield imperfect results.

[notsrg]

If they won't use a password manager why would they use a crypto wallet? Adding public key cryptography to the mix almost guarantees the barrier to entry is higher.

[desttro]

This is true and I use LastPass but we are in the minority of users. LastPass and other password keepers are too onerous for the mainstream and require upkeep. The whole point of why web3 is the hammer everyone is trying to use is because of user adoption and buzz generated by crypto.