On Thu, Jun 7, 2012 at 8:58 AM, Jared Mauch <jared@puck.nether.net> wrote:
I'm imagining my mother trying this, or trying to help her change it after the hard drive dies and the media in the safe deposit box doesn't read anymore.
I would think it's fairly simple. What if she forgot her existing password? Most sites have a 'reset password' link they e-mail you. A browser extension 'helper' would simply generate a new key and let you reset your password. Maybe the helper could be dumbed down enough to automatically handle the password reset screen and automatically POST the new key to the reset page. I'm sure it could be done transparently enough that our mothers wouldn't need to think twice about it. Heck--the 'helper' could probably even back up your SSH key off-site sorta like LastPass does. And if your private key is actually password protected, it's slightly less useless if the off-site backup company were compromised. The only downfall is how do you get access to your e-mail account? (Google already calls my cell and/or home phone if I request access without using my password.) I agree there are stumbling blocks, and it wouldn't be perfect--but it seems like it would be much better than the alternative we have now. People using the same password on multiple sites, passwords written down, dumb website operators not salting their hashes, etc... Also, thanks for the great secondary DNS service. ;) -A