this post was submitted on 14 Feb 2024
263 points (88.8% liked)
Technology
59207 readers
3158 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Why? Passwords are already used a lot less that they would need to be if we didn't have things like OAuth tokens, the FIDO2 protocol for 2FA devices, biometrics, etc.
Why should I have to type a password to authenticate myself to a website when I've already authenticated myself to the device I'm using and it can present the web site with credentials that prove in who I claim to be?
I think this makes sense for many low impact scenarios, but there's always going to be a set of services that I dont want to trust to the same provider. For me its my bank, even though passwords have plenty of flaws, and i am trusting my phone to protect tap pay tokens, i would never link my bank login to my google account so I use a memorized password.
of course this is tinfoil hat territory because a threat to my passcodes would probably involve breaking the security systems on android.
I think passcodes currently get consolidated with an entity like Google, but I've read Bitwarden is adding support for them. It definitely won't be an issue long term.