Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Why are we still using passwords? Why can’t all login be done with asymmetric keys: your public keys are stored on the server, your private keys on the device. Carry a backup pair on your USB and treat it as a key to your house. Any of them got lost? Just delete the respective public key from the service.


How are you going to sign in and delete the public key, if you lost the private key?

This is exactly why so many do not want passkey, the recovery options aren't exactly great.


That's passkeys. Google and Microsoft are pushing in that direction.


I have never seen a website where I can sign up without a password and using only email and passkey. Is there one? All websites treat passkeys as an “add-on” to the passwords of the last century. Totally backwards thinking.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: