[motles]

I think you’re pointing out a problem which mobile has begun trying to solve - passwords are probably not the right long term solution to authentication for the majority of the population or usecases - the right solution is something more like an automatic biometric scan that doesn’t require remembering anything - just presenting yourself ie. Fingerprint scan, retina scan, faceID etc.

Devices which support these authentication method need to become ubiquitous and their APIs need to be open and widely integrated with, including by web applications and laptop/desktop applications.

There are some hard problems to solve in the way.

You either need to make a central authority that manages the scan data or you need to figure out a way to cryptographically hash the output of a biometric scan such that it can be reliably checked against a stored value in a database. Or perhaps our AI experts on HN could comment on if there is a not too computationally expensive verification method…

But it would be nice. Overtime users could remember less.

[aborsy]

Your fingerprint and faceid are in public domain (registered on surfaces, cameras etc). I don’t think they are very secure.

It’s only a matter of time that retinas can be scanned too with precision cameras.

[quickthrower2]

Fingerprint + physical access to phone is a pretty targeted attack. Assuming the phone is secure of course.

[deafpolygon]

> Fingerprint scan, retina scan, faceID etc.

Not secure at all. You can be coerced physically to unlock something private/secure. Security should always be a combination of something you know and something you have (2FA).

Additionally, requiring a central authority to manage security is just _asking_ for trouble. Passwords work because of how de-centralized it is. Biometrics and physical-only tokens will fail the minute people realize they can just steal that data and use it to unlock everything centrally.

What we need are better tools to manage passwords in a more transparent way.

[quickthrower2]

With physical coercion, all bets are off. The goal is to survive. You probably want a distress password perhaps.

[deafpolygon]

The police can coerce you using biometrics. They can't torture you for what you know.

[quickthrower2]

Ah ok, so I take it by coerced physically you mean coerced by a warrant/subpoena to physically unlock something?

[deafpolygon]

Or by a bully, girlfriend, wife, etc.

[richard_rainbow]

There is a solution coming that I believe will be 100% fool proof except for the strange nature of foolishness vs wisdom. Wisdom says becoming rich and successful, having fame and reward from your peers, respect from friends as well as enemies. But there is a different wisdom that does not care about money, crowd following, fame, status, or even social gratification. Most people would say, pure foolishness man wtf? Of course we all want to be Bezos or Jobs. Look how happy they are. Or were..

What the heck then? Here come rando guy again talking foolishness.

It's like this, what would you trade for safety? And ultimately if doing so made people that didn't make that trade incredibly vulnderable and by nature your foe? Is love at all important? One thing to note is that anyone who has studied love knows it has little to nothing to do with a carnal relation. My parents loved me when I was totally unlovable as a baby maybe but also as a full grown adult.

You can see it right here in fact. I'm not writing this to make myself popular. I'm writing this because I love people. Even people that hate me. Besides perhaps someone might have reason to hate me. Some people hate everyone, they are known as misantropes. Others can't deal with women and they become misogynists. Others are always outraged and it spills out to someone and rifts appear.

Okay, hopefully I can get to the so called solution to the so called problem of internet security which is a problem as much as the entire internet has become now.

The solution you will be presented with is the distinct pattern that is found on your right hand or on one of your eyes. Both of these patterns are so unique that I can't really find anything else more unique than them besides a DNA sequence.

I don't want you to be afraid. I want you to consider that once this is done, your uniqueness no longer belongs to you. It really never belonged to you in the first place. You could basically give something to a power bent on crushing us all that God made only for you. If a man gives up his soul for gaining the whole world, he has no soul to enjoy. You can't bring money and cool shit to heaven. But there is something you can bring. You can bring not only yourself but people you love. And you will see all kinds of people there you may not expect. I hope you can appreciate the fact that love and gratification are not the same. Don't forget someone did love you when you didn't deserve it.

I sure didn't deserve grace or love.