W3C home > Mailing lists > Public > public-credentials@w3.org > November 2016

Re: Ditching passwords / email identifiers

From: Jacob Pratt <jhprattdev@gmail.com>
Date: Sat, 19 Nov 2016 23:22:17 -0500
Message-ID: <CAAFMpDpgZtc-ekmMbmfT1Wv6ECQEZ+2ExTjUCj4H=XzuG+WmzA@mail.gmail.com>
To: Timothy Holborn <timothy.holborn@gmail.com>
Cc: W3C Credentials Community Group <public-credentials@w3.org>
Certainly an interesting idea. This could also take advantage of the
increasing frequency of biometric sensors in mobile devices, eliminating
the need for a code (or some other identifier). It would be much simpler
than remembering a password, and much more secure for the vast majority of

On Nov 19, 2016 11:05 PM, "Timothy Holborn" <timothy.holborn@gmail.com>

> had an idea that for places where mobiles are ubiquitous, the means in
> which to ditch passwords and email related AUTH could be facilitated by
> simply providing SMS authentication (or mobile app alternative) which
> in-turn means no password is stored for the account at all...
> mobiles are increasingly used for banking, simply by tapping them on a
> payment gateway (via NFC).
> people barely need to use their passwords to get into a password protected
> site, and a great many people have difficulty remembering them or keeping
> them safe.
> alot of email providers are internationally based (whereas mobiles come
> under telecommunications law, including the misuse of them) and in some
> regions at least - the receipt of a sms does not cost the recipient funds.
> i am aware of a few problems with that method, including company owned
> mobiles, lost phones, etc.
> yet,
> i figured it was an idea worth noting.  may be an opportunity within the
> general space.
> Tim.H.
Received on Sunday, 20 November 2016 04:22:49 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:32 UTC