The flaw with 'secure' password systems
Genuinely curious for feedback on this one, but the whole private key system that is prevalent on the decentralised web is just.... the least secure thing I could almost imagine, really. And I guess I'm going to be showing some ignorance here, again, I invite feedback, keen to learn more.
But, okay, start with Steemit. Password is virtually impossible to remember and supposed to be stored in a secure place, ideally offline, right? So the idea of Steemit is to be up there doing something like what Facebook does, right? Steemit want their users to be logging on every day and engaging with content. So... what does your average user do? I'd be inclined to say most will save their password on their device and auto log-in. Or save the password to email addresses for relatively easy access. Or on their computer. Or a removable drive.
I feel like everyone would read those last sentences and nod, saying 'of coures, that's the safest way to do it, it's for my (money's) protection'. Feeling like the guy calling the emperor out on his nudity; saying I have lost or accidently destroyed more hard drives, laptops, phones, pieces of paper, keys and generally treasured items than I care to really remember. But I've had my Gmail account since it was invite only and never gotten locked out of there or forgotten my passwords for that.
And as for Google's 2fa authentication. What if something happens my phone? Retrievable with the key (assuming I can find it), but what a fucking irrritating hassle. It doesn't make me feel like my money's safer. I'm genuinely concerned that circumstances beyond my control will cause me to lose access to my investments.
There's a part of me can hear the obvious argument against what I'm saying. Just be more organised. Sure. I get that, on a theoretical level. But not a real one, for several reasons.
The people I know most excited by the decentralisation revolution, by the potential of cryptocurrencies and related tech, are the ones most disenfranchised by general society already. We're living in rentals, subject to regular inspections by our landlords, every one a threat against the security of knowing we'll have a roof over our heads. We're working shift hours, casual labour, sitting on the benefit with mental health issues keeping us out of any long-term labour-market participation. We're getting extra added to our traffic fines because the 'justice' department won't accept partial/weekly payment until they've processed it through the courts and added another $100+ to the total fine. My friends and I particularly, we're living in Christchurch, NZ. We've been through a bunch of quakes. Lost our homes, houses, flats, venues, communities. The tangible and the non-tangible, but damn man - it's so easy to lose shit.
Feels like the odds are stacked against us already and nothing's ever fucking remotely easy. This potential revolution we're on the cusp of - it's an opportunity for people like us to (re)claim a sense of autonomy - I genuinely feel so much hope and optimism for the potential social revolution here.
But seriously, the password systems on so many of the sites aiming to redistribute power just seem to inhibit it in a lot of ways for me. I'd be happier with 10 personalised questions and passwords that I could choose and remember myself than have to worry about others finding physical forms of. Am I alone in this?