Now that passwords being compromised more and more left and right. What do we switch to next, Cred Forums...

Now that passwords being compromised more and more left and right. What do we switch to next, Cred Forums? What security level/method will overthrow and take over passwords?

LastPass.

keys retard

A public-key system would be great but I doubt average users would ever use it. Keeping your keys backed up and safe from others is way too much to ask of them.

My guess is biometric devices. Its easy enough to implement nowadays and takes way more effort to break which will deter low effort attacks.

Services aren't compromised because auntie helen used "123456" as her password

they are compromised through social engineering and software exploits

>passwords being compromised
Because people use shit passwords. For fuck's sake, NOTHING IS BETTER THAN PASSWORDS. JUST STOP SUCKING AT THEM.

Given the high-resolution cameras people have access to nowadays in their phones, would it be possible to extract biometric data (fingerprint, iris, retina) good enough to bypass biometric security?

>passwords
what is this, the 1960's?

i use keys for logging into machines via SSH, and websites can do similar with certificates. modern browsers already have this functionality, i don't know why barely any site supports them

I cut all of my fingertips after a robbery/homicide so i hope we wont use them

This combined with downright stupid and ignorant CTO's and "IT" people who doesn't either give a shit or got a clue about what is going on....

You do know that keys in SSH are nothing more than long, complicated passwords?

Literally makes you easier to identify

there isn't really much of a correlation between how keys and passwords work

devices still have a hard time recognizing ones fingerprint, making it pointless to use. organizations simply forces the software to accept whatever fingerprint appears on screen, making it easy to social engineer.

2FA solves the overwhelming majority of cases.

Your fingerprint or retina wouldn't be a replacement for passwords though, it would be a replacement for your username.

They are less secure than a username.

Yes. You can fool most biometrics with a drawing of a fingerprint.

Augmented PAKE protocols such as SRP and double factor authentication. Especially the last one is tremendously pushed in the industry.

>fingerprint
>leaving your password on everything you touch

Multifactor.

The chances of someone knowing your password, physically having your phone, and knowing your phone's password are incredibly unlikely.

passwords 2.0

crowdpasswords

social passwords

3D printed passwords

discriminating passwords

cloud passwords

letting cat walk on keyboard and saving the password

when you reinstall you just make new accounts

No. Normies get Apple Authenticatorâ„¢ preinstalled, successful touch ID auth responds to key challenge (or enters random password for legacy sites)
Not hard to implement
Swedish banks do this, you have an app called BankID for your phone which is used to log in
For people without phones you can get keyfile in hardware device (either in your debit/idcard chip or calculator-like device) or as download

Cucumber tech-derived omni-passwords will replace them, though they aren't really "passwords" per se.

swedish banks gift their customers gold if they hold an account long enough, is that true?

Nope, never heard of it. Maybe you're thinking of switzerland?

LogIn with DNA test.

>Maybe you're thinking of switzerland?
Sometimes

Anal probe that requires you to take your smartphone with you on the toilet

Forced better passwords and 2fa

>Answer phone
>Radiation hits me
>DNA breaks down
>Locked out of phone