
Passwords are dead. It’s the future - endswapper
https://hackernoon.com/passwords-are-dead-its-the-future-e3e95affd9a6#.sfl06tl5d
======
zerognowl
Seems like another flavor of the month authentication schema that won't catch
on [https://en.wikipedia.org/wiki/SQRL](https://en.wikipedia.org/wiki/SQRL)

I think we need to work within the existing schema of passwords because that's
what people are used to. They have muscle memory for entering passwords that
is very hard to wipe. They have entire ecosystems based around passwords-for-
profit (1password, Lastpass, and any number of 2FA solutions).

I think the general consensus now is that passwords only serve the threat
model behind them. If I use a sixteen character password with at least 3
emojis, numbers, and no dictionary words for storing 4chan memes on Imgur,
then something is desperately wrong with my threat model.

Likewise if I'm using a six letter alphanumeric password to get access to my
email account (which might be tied to all my other accounts), then there's
something awry with my threat model.

SQRL on the other hand could serve other threat models and seems useful for
quick-and-dirty interaction with the Internet. If I want to leave a single
anonymous comment for example, on Hackernews/Reddit, I shouldn't have to do
the password dance each time.

------
tf2manu994
I started this very angry, due to the title. Happily, it wasn't that way, and
it was instead a parody (ish).

I do wish that the general public would use password managers instead of using
"password1234" on all of their sites. Would be nice if more browsers built in
deep support for LastPass/KeePass, especially more mobile ones, since that's
where most 'normal' users are now.

