What sucks is that password’s don’t need to be so insecure.
If you took WebAuthn and, instead of the private key, used one password, it’d be nearly as strong. Assuming that one password is sufficiently strong, and the password input could not be intercepted, and no one ever looked over your shoulder, or used a camera, and you never wrote it down somewhere others can find it, and you never typed it where someone had installed a key logger…
If you took WebAuthn and, instead of the private key, used one password, it’d be nearly as strong. Assuming that one password is sufficiently strong, and the password input could not be intercepted, and no one ever looked over your shoulder, or used a camera, and you never wrote it down somewhere others can find it, and you never typed it where someone had installed a key logger…
Actually, let’s bring on the passkeys.