[0daystock]

My vision of future authentication (shared by colleagues in security) is based in strong hardware credentials and additional layer-7 context about identity, device and location. Basically, more identification of you and your browser using cryptographically-guaranteed and immutable events. It is actually the deprecation of passwords altogether and generally moving the trust boundary away from the control of the user entirely. I also don't enjoy it, but it would solve a lot of current problems we see in information security.

[xdennis]

I don't know if you're being sarcastic, but your vision sounds like a nightmare and not very far removed from Gattaca.

> moving the trust boundary away from the control of the user entirely. I also don't enjoy it, but it would solve a lot of current problems we see in information security.

Every despot throughout history has noted that freedom can be traded for security, but I thought that most of us would agree that freedom is more important.

[0daystock]

Society is replete with trade-offs sacrificing freedom for collective security. You can make moral judgements about this all day, but it won't change the dynamics of our lives.

[nmeagent]

Keep in mind that we do not have to cooperate with whatever invasive schemes you wish to inflict on us.

[dane-pgp]

> additional layer-7 context about identity, ... more identification of you

Mass surveillance. You can just say mass surveillance.

[0daystock]

Every technology is a double-edged sword. Like firearms, security controls can be used to guarantee peace and freedom or wage war and distress. The responsibility is with the administrator of that tool, not the tool itself.