What's the difference between a PIN and a password?
I think the solution is public key cryptography. See my other reply. However, I don't want my private keys stored on a computer or phone, since they can be stolen. I want to store the keys on a frob (USB key, wireless doodad, whatever) that signs messages with private keys but can't be accessed directly. This frob would be protected with a password or PIN of some kind. The frob should display the requested confirmation (Log into Hacker News as cottonseed? Yes/No) and require direct confirmation. This is, for example, the architecture people are using for bitcoin hardware wallets, where the potential cost of failed security is very high.