cascdr

Honestly... the tools are so good and easy to use now the problem is just people being lazy. 

I think passkeys might be the only way forward. Passwords are fine but humans can't be trusted. This is why I think bitcoin will be mostly custodial in the future. That is until people can be bothered to actually care about the digital security.

kepford

The fact is, when a human thinks of a password to use for themselves, this is a fundamentally insecure process. We have no cryptographic guarantees about the human brain like we do about a carefully-designed computer algorithm, and mounting evidence shows that humans are in fact 

 found that by using a neural network, they were able to guess almost half of 

 passwords in under 1000 attempts just by knowing a single one of that person's other passwords. It's only going to get worse from here.

security

> The fact is, when a human thinks of a password to use for themselves, this is a fundamentally insecure process. We have no cryptographic guarantees about the human brain like we do about a carefully-designed computer algorithm, and mounting evidence shows that humans are in fact [quite predictable](https://people.ischool.berkeley.edu/~nick/aaronson-oracle/). One [2019 study](https://ieeexplore.ieee.org/abstract/document/8835247) found that by using a neural network, they were able to guess almost half of _everyone's_ passwords in under 1000 attempts just by knowing a single one of that person's other passwords. It's only going to get worse from here.