Why keep wasting time on tackling a symptom or the problem, when the actual problem is the existence of passwords in the first place...get rid of them. I should not have to remember any passwords. I want to go password-less.
The amount of total time wasted by everyone writing down username/password site combinations in a password manager, Excel file, or whatever is getting pretty ridiculous, and the fact that we are still doing this and losing billions to this type of fraud in 2019 baffles me.
MS/Google/Apple and the rest need to start an industry push to support FIDO U2F with hardware wallets (i.e. a Ledger or equivalent) and blockchain. I should be able to have something on my keyring and be able to log in to any computer or website without ever needing to remember my password. I should be able to use a single token for ALL my logins. I'm pretty sure you can have fingerprint/PIN on top and just invalidate the token if it is ever lost or stolen (and keep the seed restore password somewhere safe like a safe).
I think there's a Windows 10 login app that technically allows you to log in password-less, but it's only in beta. But we need all the large IT companies to support password-less FIDO U2F as an OPTION so at least it's there for the security-conscious who want to use it. Banks are ironically the worst at this; most only send OTP via SMS...