Disastrously Misguided and Misguiding Perception — ‘Removal of Authenticator’ taken as ‘Removal of Attack Surface’

3 min readJan 7, 2022

“Removal of a password’ is ‘removal of an attack surface’. It should improve the defence in view of the password being vulnerable to theft and abuse.”

Should it be the case, ‘removal of physical tokens’ could be referred to as the removal of an attack surface that should improve the defence in view of the physical token being vulnerable to theft and abuse. So is the army in view of it being vulnerable to air attack.

We took up this ridiculous argument that is already debunked as a logic failure a couple of weeks ago. At the beginning of 2022 we raise it again persistently because the consequence would be so grave if big tech firms continue to spread it persistently yet further.

With their hollow but horrific loud voice, the misperceived effect of removing the password is really a bane of digital identity. That falsehood, not the password, should be removed from digital identity ASAP.

Ref: “Remove the army and we will have a stronger national defense” https://www.linkedin.com/posts/hitoshikokumai_going-passwordless-what-are-the-benefits-activity-6815852512889978880-R3RR

Passwords retained in our brain are absolutely necessary as the secret credential for our safe digital societal life; It could be compared to the stones and clubs that ancient ancestors relied upon for collective survival for food and against predators.

That the conventional passwords are so hard to manage is a different matter, which we can mitigate with our proposition of ‘non-text’ secret credentials, especially episodic memory that is firmly inscribed deep in our brain and hard to lose.