That's tricky, because it's either you in control of your key, or you are giving it up to a third party.
Is it worth it? Isn't it better to educate people to handle sensitive data securely?
You are viewing a single comment's thread from:
That's tricky, because it's either you in control of your key, or you are giving it up to a third party.
Is it worth it? Isn't it better to educate people to handle sensitive data securely?
Well, we already have a mechanism for recovering your account if it gets stolen, and you don't have to give up your key to a third party. Your recovery account doesn't have your key. I am guessing there are a variety of approaches to accomplishing something similar if you lose your key. We have a social blockchain and we can take advantage of that, our social connections (which we know also outside the blockchain) can help us restore our password, without needing to give our key to anyone. That is one approach.
The vast majority of people have very little idea about IT security, and there are so many attacks out there, so many hardware failures, and so on, that it takes an IT expert in security and backups to handle these things properly. The average person always forgets their password for any website and they use the Forgot Password feature very often. Yes, education is very important, and at the same time, if we want anything close to mainstream adoption, I think a password recovery functionality is a must. We have to make it friendly to everyone, kids, the elderly, people with poor IT skills, people from any country.