Password, passphrase

I like locator and password, as that is rooted in the reality of what they are.

1 Like

In these troubled times, let us find inspiration in large amounts of entropy

4 Likes

Hearing @mav’s points about reflecting meaning and @JimCollinson’s post about a more effective workflow (which I like), I wonder if we’re nearly there. At least for an MVP for market testing.

I think naming can make a big difference and have never liked ‘passphrase’, not just in this context but wherever I’ve heard it. I do wonder if it carries any meaning at all for most people.

So using Jim’s workflow and mav’s suggestion maybe ‘memorable account address’ or something which explains a little about its qualities and purpose. Combining this with automatically suggesting one to be used, as in Jim’s example, seems useful.

I think ‘memorable account address’ is easier to remember and understand than passphrase. To begin, most people will accept what’s presented rather than edit and create their own, and a ‘Choose your own’ link can give advice for those who want that control.

When they get used to it people will shorten it to ‘account address’ and ultimately ‘address’ or ‘account’, but my belief is that they will retain the understanding that:

  • it needs to be long
  • it should be memorable
  • it identifies their account

2 Likes

I think this falls down at the must imply secret hurdle though. I can envisage phishing/social engineering attempts along the lines of “oh, what’s your account address by the way, so I can check we have you on our system?”.

I think naming can make a big difference and have never liked ‘passphrase’ … I do wonder if it carries any meaning at all for most people.

Don’t have oodles of data on this, but it compared much more favourably than Account Secret when we tested it, and no-one stumbled over it in any of the on-boarding/account creation tests we did.

This was the screen we used for that test, and the description provided:

Again, I think this could be much improved, through auto generation of a phrase-like entry, and UI elements that are more distinct from those used for the Password.

I think we can, and shall, do better than this, and we should dedicate some time to design and testing at some point.

Sadly lockdown makes my usual user testing methods impossible! But I don’t think we need to rush into any changes ahead of MVE anyway, and hopefully the lockdown won’t be that long-term!

6 Likes

“Secret location address” and “password” ?

Emphasise a pass"word" can have many “words” and spaces in it.

Or Secret location address and passphrase if you really must, but not passphrase and password. Confusing and demeans the latter IMHO.

I’ve not tested this of course, but I’d wager we’d be going down the path of user confusion there again. What in the hell is a location address? How do I make one? Do I need to get one from somewhere first? What does it do etc?

Really, this thing to all intents and purposes, works like a password, acts like a password, and should be treated like a password.

I think it is a mistake to encourage people to think of it like an address or a locator, when it need not function like that.

A city with your house in it, that you have both the street address to, and the door key is the wrong metaphor to be pursuing in my view, as it comes from a clearnet/centralised pov, and makes something targetable at an individual user level… which is not how the Safe Network (from a security and UX view point) needs to function.

If we think of it more like the giant cyber brain, that I command to reassemble my memories, having authenticated myself as a single unique human, we are closer. So what I need to do is tell the network who I am, in a way that no-one else is able to… that is the goal.

For this reason, the single long password has its merits, and would fit with this model, however I am apprehensive about barreling down that route without adequate testing as it may well prove to be less usable (and therefore less secure) because it negates the option to cache that long complicated passphrase bit on certain devices (or replace it with biometrics, hardware, somethingyouhave etc) so you don’t have to enter it every time, allowing the second part to become a more ergonomic password.

I’m totally happy to be wrong on all this BTW. And perhaps we find a 3rd way that’s even better, so let’s not paint ourselves into a corner based on gut feeling, but leave options open that we can look into in more detail when time allows.

Keeping the two elements for the time being might give us more latitude in that regard.

4 Likes

A location address is YOUR secret gateway into the SAFE universe
You make it by creating a phrase of [complexity-factor] length right now.
No, it’s YOURS, YOU make it up. SAFE space is so humongously huge that no-one can possibly have the same location as you (subject to complexity-factor)

It acts as a door to all your stuff in the SAFE network and all the resources you want to use. And once you have made it you are going to make a key to open that door. You need to remember where your door is and to have your key with you. Or some story like that…

I don’t think of it as a street address, I think of it as a portal chiseled out of the rock on an asteroid circling an insignificant star in a galaxy many parsecs from ours :slight_smile:

But then again, maybe I read too much bad sci-fi and did too much acid a few decades back…

1 Like

But then you are going out of your way to explain why it’s not like a location nor an address, having just labelled it as that.

In my experience, it’s this kinda thing that will trip people up and also expose them to vulnerabilities such as the phishing/social targeting ones mentioned earlier.

2 Likes

A kind of door of perception?

1 Like

very much so

Star gate co-ordinates…

1 Like

But we emphasise that BOTH parts are secret cos we are dealing with a super advanced civilisation that can guess ONE part but find guessing both parts very difficult indeed

Edit: scrap “location” call it Personal Stargate then…

All this is moot IF we can find a way to derive what’s needed from one sufficiently long password/phrase that is reliably memorable. But I’m not holding my breath on that…

Although as I mentioned, one password only, has its own issues of ergonomics, even if it is memorable.

1 Like

Indeed - I suspect that what we end up going with will be a compromise that hopefully most can at least live with…

I am glad it’s not me that will have to make the final call on this.

I propose ten passwords, with the bonus you can get each tattooed on a finger.

3 Likes

And as a bonus you can get another tattooed on your left ball

3 Likes

Or you could just have one password, with each character on a finger: Q W E R T Y U I O P.

Useable and ergonomic!!

2 Likes

Knock .................................
Key .................................

You always have to knock first :crazy_face:

4 Likes

Lock
Key

With the thought that lock alludes to location.

…also, if the lock or key are not complex enough, then someone could force them.

3 Likes

Knock ...knock.................................
Key ...key who?................................
key pa-knockin' but you can't come in

3 Likes