Conceivable Narratives of ‘Passwordless’ Authentication Promoters and Supporters
We could accept “Passwordless” authentication if it came with a transparent statement that it brings ‘better availability’ at the cost of losing security, helping people where availability and convenience, not security, matter most.
The problem is that the “passwordless” promoters adamantly allege that the passwordless scheme increases security, thus spreading a false sense of security.
This not only weakens the defence of democratic nations from within, at a time when we have to cope with ever-increasing cybersecurity threats from aggressive anti-democracy regimes, but also prevents global citizens from being better prepared against those threats by making good use of the defence surface of the password and its expanded developments.
The history of science and technology leads us to conclude that citizens’ episodic image memory can be the best source of passwords (secret credentials) as examined here — “History of Animals’ Visual Memory” https://www.linkedin.com/posts/hitoshikokumai_can-we-think-without-using-language-activity-6945224116849242112-JNaw
It also brings an extra benefit for our mental health, as discussed in “Warm Login Interface for Cold Digital Computing” https://www.linkedin.com/posts/hitoshikokumai_democracy-privacy-ethics-activity-6947437709338505216-d7ht
This proposition is still little known to the public, presumably because global big IT firms have shunned it, with biz-tech media turning a deaf ear to our voice.
The narrative of the big players is probably “Our acknowledging the merit of making use of citizens’ non-volatile memory and the public knowing it could well bring our huge investment in ‘passwordless’ business to naught”.
The narrative of biz-tech media and event organisers is probably “Those big names who promote and support ‘passwordless’ schemes are collectively the deepest-pocketed sponsor for our trade, without whom our business could be in jeopardy. We have no incentive to change the situation”.
The conceivable narrative of security professionals who cannot be indifferent and yet stay silent was already taken up in this earlier post, “Dissecting Silence of Digital Identity Professionals” https://www.linkedin.com/posts/hitoshikokumai_democracy-privacy-ethics-activity-6946737405953482752-j7u5
By the way, there is nothing wrong with being driven by money in business. The problem is that their lack of transparency and integrity is inflicting too great a harm on the public. It is especially damaging in security, defence, medicine and other highly sensitive areas.
Should it pass a point of social tolerance, it is called “greed”.
To avoid self-righteousness, I look forward to being refuted.
Digital identity blogs collected at https://www.linkedin.com/pulse/collection-digital-identity-comments-hitoshi-kokumai-posted-kokumai/