Assertfail

Web versus native app login

13 Jul 2012

What are the most important differences between native applications and web applications (for mail, RSS, etc.) when it comes to login?

Native applications usually store login information. For web applications, storing the login form data depends on the browser. Depending on the application, there can be days between resubmissions of credentials.

For Unix applications there are alternatives like SSH shared keys, which enable connection from one machine (login) to another. It would be interesting if this approach could be reused for browser-to-web-server communication, that is, by generating a shared key for a single browser/machine. Could a one-time-use string be generated by the phone company in order to anonymize the identity? The identity of the user would still be transparent to the ISP and other infrastructure providers. The setup to use a site from a new machine/login would be a hassle. For a single-use scenario: maybe one-session tokens sent to the phone when you are at an internet cafe?
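The per-browser shared key idea above, sketched as an HMAC challenge-response login. This is an added example, not code from the original post; the `Server` class, `device_response`, the device name and the choice of HMAC-SHA256 are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class Server:
    """Hypothetical web server holding one shared key per enrolled browser/machine."""

    def __init__(self):
        self.device_keys = {}  # device_id -> shared key
        self.pending = {}      # device_id -> outstanding one-time challenge

    def enroll(self, device_id):
        # One-time setup per browser/machine (the "hassle" step for a new machine).
        key = secrets.token_bytes(32)
        self.device_keys[device_id] = key
        return key

    def challenge(self, device_id):
        nonce = secrets.token_bytes(16)
        self.pending[device_id] = nonce
        return nonce

    def verify(self, device_id, response):
        # pop() makes every challenge single use, so a captured response
        # cannot be replayed later.
        nonce = self.pending.pop(device_id, None)
        key = self.device_keys.get(device_id)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, device_id.encode() + nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def device_response(key, device_id, nonce):
    # Runs on the browser/machine; the key itself never crosses the network.
    return hmac.new(key, device_id.encode() + nonce, hashlib.sha256).digest()


def demo():
    server = Server()
    dev = "laptop-browser"  # constructed sample device name
    key = server.enroll(dev)
    resp = device_response(key, dev, server.challenge(dev))
    accepted = server.verify(dev, resp)
    replayed = server.verify(dev, resp)  # same response, challenge already used
    forged = server.verify(dev, device_response(b"\x00" * 32, dev, server.challenge(dev)))
    return accepted, replayed, forged


if __name__ == "__main__":
    print(demo())
```

No password is resubmitted after enrollment, and losing a machine only requires deleting that one entry from `device_keys`.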

Currently the alternatives are reduced to form fillers and password managers. Some browsers implement these features.
