[chlorion]

As far as I can tell this doesn't actually require a "big tech account".

I am imagining this working like OTPs that are generated on phones. The actual standard will be open and the implementations do not require a specific platform or any kind of "account", but most people will run it on their phone with Android or IOS because it's handy for them.

I also don't think it's going to require running on a phone, just like OTPs. I can generate OTPs for 2FA purposes on my desktop system running Linux and it works great!

If it does end up working like that, I think it's a great idea.

[SturgeonsLaw]

It doesn't require one from a technical perspective as you've pointed out, but every business incentive is to lock people in to accounts. It makes it easy to collect data on the users, to enforce payment by locking accounts, etc.

I too prefer offline-first tools, but the market doesn't, and people are trained to sign up with an email account and password so for the masses "this is just how it is".

I don't want to be a pessimist, but examples of user respecting systems are mainly commonplace in certain corners of the highly technical FLOSS world, it's certainly not the experience of the average person.

TOTP being a notable exception.