Reply to post: Re: So if I understand this correctly?

No password? No worries! Two new standards aim to make logins an API experience

Anonymous Coward
Anonymous Coward

Re: So if I understand this correctly?

"Sounds well dodgy to me if authentication isn't done at the server end."

Authentication is certainly done at the server end, just with per-agent cryptographic keys rather than a shared password. It's then up to the agent (i.e. your device) to ensure those keys are securely stored. Most phones and enterprise devices already do some form of this, this is a generalisation for the general web.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021