What if our password is dynamic?

[akopjpuge]

While I'm lazying here it's just comes to my mind and I thought I might share this. And maybe someday or someone in the future might do this thing. What if our password is dynamic? I mean like similar to 2fa like we don't need to memorize it. Like we don't have to do it as one time mnemonic phrase or a long jumbled letters and numbers. Like just by scanning a qr code or as signing similar to blockchain? Sorry for my English. It really sucks that why I can't even work in a call center company 😂 anyway happy holidays crypto friends 🎍

[UserU]

Unless the tech is there to identify the user behind the access, I'd rather memorize my own passwords and not rely on some device or app generating randoms for me in case it gets hacked. Also this will involve KYC at some point and be a hindrance to many.

But a similar concept has been used before, which is login thru a confirmation link sent to your email. No password required, just click and login.

[CristianOff]

I love discussing cybersecurity related things so here are my thoughts

Having a dynamic password sounds like a visionary idea, but what we lack is a leader to identify the objectives to achieve that.
In the current state, we define authentication methods based on the following characteristics:

Something a user knows such as Password / PIN
Something a user is such as Fingerprint, Voice Recognition, Iris Scan
Something a user has such as a physical smart card, security token


Maybe when Elon Musk will create his brain chip for humans, we will be able to use it to communicate with all databases
in the world where we are subscribed and force them to use a "dynamic password". If today I want my password to be 420420420HolaAmigos then
all I have to do is think about it. I hope my brain chip will use post-quantum encryption methods!

[franky1]

finger prints fail over tie, dirt, papercuts, age and wrinkles mess with scans
retina scans fail over time with high populations with diebeties and cateracts that can cloud the scans

instead use bitcoins message signing feature

have a service which requests a public address.. and thats all the service stores
when you want to log in the service log in page says:
sign: "session 123456 21stDec2019"
you then sign the message "session 123456 21stDec2019"
using the keypair of the public address you registered

and all you send is the copied signature

the signature will be unique because its based on the unique message and your keypair
that way only you can sign it, hackers cannot find out the password on the service..
and all you have to do is keep your private key safe on your system