 | Usernames and passwords are ancient. 2FA is ancient. Passkeys are better, but you can't safely share or delegate them. There is a better way... kirschsubstack.com |
Usernames and passwords are ancient. 2FA is ancient. Passkeys are better, but you can't safely share or delegate them. There is a better way...
I’ve been spending a lot of time in the background thinking about how to advance digital identity so that your identity can’t be shut down by the government, by Google, your money can’t be locked up (like what happened to my Coinbase account), and to make it easier and safer for people to authenticate, authorize transactions, and assert claims (such as proof of a minimum age), as well as give people unprecedented control over their identity such as being able to share passkeys yet limit how they are used.
To sign up with this system, all you need is to pick an alias which is the only thing you have to remember. No password, no master password, no PIN, no email, no phone number, no 24 word seed phrase you have to securely store, etc. We basically do not know who you are (and we don’t want to know). If you lose all your devices, you don’t have to remember anything to get your identity back.
I have a design that I’m liking a lot and want to collaborate with an experienced Applied Cryptography Engineer or Cloud Security Architect on getting feedback on the idea and potentially joining a startup to help architect and implement it.
Right now my focus is making sure we have the right architecture.
