This is very interesting check the link above.
Web sites and applications shouldn’t have to rely on problematic identification methods such as usernames and passwords.
- This is a human problem.
- This is a customer support problem.
- This is an industry problem.
Using 1Block for authentication purposes has many benefits.
- supported by nearly all smart phones and browsers
- simple registration and login process for end user
- eliminates keyboard interaction
- reduces phishing/malware risks
- reduces need for 2nd factor auth
- no need to remember, create or change passwords
- services know only site-specific public addresses
- no personal or sensitive information supplied with a login
- each login is unique, no useful information to sniff
Classical password authentication is an insecure process that could be solved with public key cryptography. The problem, however, is that it theoretically offloads a lot of complexity and responsibility on the user. Managing private keys securely is complex. However this complexity is already being addressed in the Blockchain ecosystem. 1Block leverages these efforts and makes authentication a much simpler and safer process for the end user.
Your ID is never exposed outside of your device, and it is stored encrypted. There are no trusted third parties required (ie. DropBox.) Because of this secure design, changing passwords becomes a thing of the past. In the unfortunate event your ID is compromised, ID revoking and replacing is an easy and built-in feature.
1Block boils this technology down to an easy user experience, and also easy and flexible server implementations. 1Block can replace traditional password logins, or act as a secondary factor of authentication, or used for any implementation where secure proof of ownership is required. 1Block is free to use and open-source.
For protocol details see the protocol draft.