Because in order to prove that you know the secret you have to reveal the secret... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

lisper on Jan 1, 2020 | parent | context | favorite | on: Viaweb's First Business Plan (1995)

Because in order to prove that you know the secret you have to reveal the secret. That makes it unavoidably vulnerable to phishing.

nine_k on Jan 2, 2020 [–]

Not necessarily.

To prove that I have a secret key, I encrypt something of your choosing, and you decrypt it with a public key. This is enough proof, and private parts remain unexposed.

lisper on Jan 2, 2020 | [–]

Re-read the question to which I was responding: "what's wrong with username and password?"

Consider applying for YC's W25 batch! Applications are open till Nov 12.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact