#HierarchyOfFailureInProblemResolution

Doc Edward Morbius ⭕​<p>@kyle@librem.one TL;DR: I disagree, passwords failed for intrinsic reasons, not any specific party's (or parties') implementations</p><p>Passwords were developed for a vastly simpler world. I think we really need to go back to first principles, and determine:</p><ul><li>What we expect passwords to provide.</li><li>What the risks are.</li><li>What the alternatives are.</li><li>What the landscape / terrain / participants are, and what affordances these provide.</li></ul><p>In particular, Fernando Corbato was solving a problem for a very limited-access facility with limited connectivity. The solution he devised for the 30 or 300 people <em>inside</em> that physical space wasn't appropriate for the 3 billion <em>outside</em> (this was 1960), but those 3 billion had very little opportunity for access.</p><p>Today, 5--10 billion people have immediate access to many online systems. If we consider nonhumans potentially accessing systems, that count likely increases by a few more orders of magnitude. Passwords <em>somewhat</em> work within a spatially-constrained space, not in a global one. Global data systems have a fundamentally different data / security "physics".</p><p>Corbato came to think passwords were a nightmare, and that they were designed "to protect against casual snooping":</p><p><a href="https://www.welivesecurity.com/2014/05/23/password-inventor-says-creation-now-nightmare/" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">welivesecurity.com/2014/05/23/</span><span class="invisible">password-inventor-says-creation-now-nightmare/</span></a></p><p>I share your concerns for hegemonic appropriation of identity. 
But in a <a href="https://toot.cat/tags/HierarchyOfFailureInProblemResolution" class="mention hashtag" rel="tag">#<span>HierarchyOfFailureInProblemResolution</span></a>, I think the assessment that passwords are themselves a problem is correct.</p><p><a href="https://old.reddit.com/r/dredmorbius/comments/2fsr0g/hierarchy_of_failures_in_problem_resolution/" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://</span><span class="ellipsis">old.reddit.com/r/dredmorbius/c</span><span class="invisible">omments/2fsr0g/hierarchy_of_failures_in_problem_resolution/</span></a></p><ul><li>What's the problem?</li><li>What's the root cause?</li><li>What's the goal?</li><li>How do we get there from here?</li><li>Who needs to help, or get out of the way?</li></ul>