Hacker News new | ask | show | jobs
by wpietri 1087 days ago
> Users understand passwords.

Do we? My password manager has 1031 entries. I know maybe 3 of my passwords. For the rest, the fact that it's technically a password is mostly irrelevant to me. And there are a number of things I use that are magic link logins, where the "password" is a one-time key that gets emailed to me and used immediately.

So from my perspective, the notion of "password" is wildly obsolete; most of what passes for that these days is machine-generated strings that don't know and almost never see. I'd be perfectly happy to go one step further and have a proper protocol such that BitWarden and the site talk directly, leaving me out of things.
1 comments
wkat4242 1086 days ago
Well yes but sometimes I still have to enter one manually. Like on a device that doesn't support password managers, like my oculus headset or Amazon fire tv.
link
wpietri 1086 days ago
For sure, but the fact that using a password as a password is the exceptional case is evidence to me that the paradigm is obsolete.

Another way things like linking a TV to an account happens is not with a fixed string that we in theory invent and memorize, but with a dynamically generated one-time code. For me that's obviously better than a password, in that the code will be shorter and time-limited, while the time window to misuse a password is infinite.

link
YetAnotherNick 1086 days ago
Am I the only one who has 10 electronic device in my house shared by 4 members and the accounts are shared in all kind of combinations among family members and devices.

I want to share passwords of some sites and not share for all sites. If I share a password, I don't want to bugged whenever they try to log in.

link
jackson1442 1086 days ago
If you use a password manager such as 1Password (I’m sure many others support this/will support this as well), you can save the passkeys in there and allow shared access.

Most sites also support some kind of fallback method, like magic link or a password.

link
YetAnotherNick 1086 days ago
How will this work in all the devices? My smart TV likely doesn't support, console doesn't support it etc. Basically my point is no matter how organised I am, there will be cases where passwords are the only option.
link
jackson1442 1082 days ago
Typically for devices like this there are off-device authentication options such as “enter the code ABCD on aka.ms/xba” or you can always fallback to magic link which still doesn’t require storing a password. Passwords won’t be going anywhere anytime soon, but it’s good to have other options in the works.
link
wkat4242 1086 days ago
It sounds like you're doing it wrong though :) Most devices these days support multi-account. Even Oculus.
link