TLDR:

Here is generated summary of the article:

  • The author argues that passwords are not a secure way to authenticate users, and that websites should instead issue randomly generated passwords to users.
  • The author points out that websites already do this for API keys, which are used to secure high-stakes applications.
  • The author argues that this model of password issuance would be more secure than the current system, and would also simplify the login process for users.
  • The author also discusses the limitations of TOTP-based two-factor authentication, and argues that it is not as secure as it is often made out to be.

Here are some of the key points from the article:

  • Passwords are often weak and easy to guess.
  • Users are often not good at choosing secure passwords.
  • Websites often do not implement password best practices.
  • TOTP-based two-factor authentication is not as secure as it is often made out to be.
  • A more secure system would be to issue randomly generated passwords to users.
  • AndromedusGalacticusOPM
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    1 year ago

    I was responding based on the community you’re in. I’m now assuming you are seeing this from either local feed, or subscribed. If that’s the case, then I understand the confusion.

    I wasn’t intending to give off hostility in my words. If that’s what you interpreted, my bad for phrasing it poorly.