W3C home > Mailing lists > Public > public-credentials@w3.org > November 2016

Ditching passwords / email identifiers

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Sun, 20 Nov 2016 04:03:48 +0000
Message-ID: <CAM1Sok3biHiDzuk5jq60mY+2Fvz9PkGAApeXoQyN3xgHsnvKkA@mail.gmail.com>
To: W3C Credentials Community Group <public-credentials@w3.org>
had an idea that for places where mobiles are ubiquitous, the means in
which to ditch passwords and email related AUTH could be facilitated by
simply providing SMS authentication (or mobile app alternative) which
in-turn means no password is stored for the account at all...

mobiles are increasingly used for banking, simply by tapping them on a
payment gateway (via NFC).

people barely need to use their passwords to get into a password protected
site, and a great many people have difficulty remembering them or keeping
them safe.

alot of email providers are internationally based (whereas mobiles come
under telecommunications law, including the misuse of them) and in some
regions at least - the receipt of a sms does not cost the recipient funds.

i am aware of a few problems with that method, including company owned
mobiles, lost phones, etc.


i figured it was an idea worth noting.  may be an opportunity within the
general space.

Received on Sunday, 20 November 2016 04:04:32 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:32 UTC