I make it no secret that I hate passwords. I hate them so much. I have even previously written on the subject, suggesting an algorithmic way of generating login credentials would be preferable.
Turns out, this method is already being used in some places, kinda
There already exists a fairly widely accepted manner of confirming identity that’s pseudonymous and persistent, and already installed on a fairly large number of computers—namely, bitcoin. If you download a bitcoin wallet or make a web wallet, you can generate as many bitcoin addresses as you like. It doesn’t cost anything, and no one else will have the same address as you.
Much ink has been spilled over the potential of bitcoin as an alternative currency, but a little-remarked-upon feature of bitcoin addresses is that you can use them to cryptographically sign a message, which other people can use to verify that the address in question is indeed yours. If you want to try it out, in Bitcoin-Qt, click File > Verify message … and you will see a window for signing and verifying messages. You can enter whatever text you like, and sign it with your bitcoin address.
So if Alice wanted Bob to prove that he owned a particular bitcoin address, Alice could choose a random string of letters and numbers and tell Bob to sign it with his address. Bob could send back the signature, which Alice could use to confirm that the message was signed by the address in question. This is pretty nifty, but it’s not super-useful, unless you’re very interested in confirming that someone has the means to pay for something in bitcoin.
That’s until you realise that …
This whole process could be automated and used as a web service’s login credentials
So imagine you were running some sort of web-based service where you wanted to have users log in. Right now, the normal way to log in is by having users choose a username and password. The weakness of this process is, of course, the password, although the use of email addresses to restore forgotten passwords is also pretty insecure.
As far as passwords go, there are weaknesses on the user side, the transmission of the credentials, and the storage of credentials on the server side. Altogether, there are lots of ways that passwords can be stolen. There is no need to go into detail about how passwords are bad here.
An alternative might be to use a bitcoin address as your username. This would eliminate the need to choose a password at all.
Similarly to the case of Alice and Bob above, if Bob was going to log into Alice’s website, Bob would indicate that his identity is his bitcoin address, 1HYDtPQueJRa8tdxXqkKa8peZEJN1iKi57, and then Alice’s website could automatically generate text like the following:
[Log in 1HYDtPQueJRa8tdxXqkKa8peZEJN1iKi57 to www.alicewebsite.com valid until 2014-01-29 20:00 +0:00 GMT]
Bob could sign that message with his bitcoin address, giving him the following signature:
You can check for yourself that the message was properly signed with the given address using most bitcoin wallet software and on a number of web-based apps as well. Alice’s website could check that Bob’s signature was correct, and allow him to log in with the bitcoin address as his identity. Alice’s website could be programmed to recognise that signed message only once and for only a few minutes.
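The server-side bookkeeping described above (issue a challenge, accept its signature once, reject it after a few minutes), as an added example that is not part of the original post. The `ChallengeStore` name, the 300-second lifetime and the nonce appended to the message are assumptions, and a per-address HMAC stands in for the Bitcoin signature check so the block runs offline.

```python
import hashlib, hmac, secrets, time

SITE = "www.alicewebsite.com"  # site name from the post's example message
TTL_SECONDS = 300              # "a few minutes"; the exact value is an assumption

class ChallengeStore:
    """Issues login challenges; accepts each at most once and only before expiry."""
    def __init__(self, verify_signature, now=time.time):
        # verify_signature(address, message, signature) -> bool is caller-supplied;
        # a real deployment would pass a Bitcoin signed-message verifier here.
        self.verify_signature = verify_signature
        self.now = now
        self.pending = {}  # address -> (message, expiry in epoch seconds)

    def issue(self, address):
        expiry = int(self.now()) + TTL_SECONDS
        stamp = time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(expiry))
        nonce = secrets.token_hex(8)  # assumption: added so no two challenges match
        message = f"[Log in {address} to {SITE} valid until {stamp} GMT nonce {nonce}]"
        self.pending[address] = (message, expiry)
        return message

    def redeem(self, address, signature):
        # pop() consumes the challenge whether or not the signature checks out.
        entry = self.pending.pop(address, None)
        if entry is None:
            return False
        message, expiry = entry
        if self.now() > expiry:
            return False
        # Verify the message the server stored, never text sent by the client.
        return bool(self.verify_signature(address, message, signature))

# Demo stand-in so the block runs offline: a per-address HMAC replaces the
# Bitcoin signature. DEMO_KEYS is constructed sample data.
DEMO_KEYS = {"1HYDtPQueJRa8tdxXqkKa8peZEJN1iKi57": b"constructed-demo-key"}

def demo_sign(address, message):
    return hmac.new(DEMO_KEYS[address], message.encode(), hashlib.sha256).hexdigest()

def demo_verify(address, message, signature):
    return address in DEMO_KEYS and hmac.compare_digest(
        demo_sign(address, message), signature)

if __name__ == "__main__":
    store = ChallengeStore(demo_verify)
    addr = next(iter(DEMO_KEYS))
    sig = demo_sign(addr, store.issue(addr))
    print(store.redeem(addr, sig), store.redeem(addr, sig))
```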
In fact, this authentication process is already in use by some bitcoin mining pools. Eligius, for example, has no user names other than the bitcoin address used to send payouts for mining. Whenever a miner wants to make changes to her account, the service generates a code to be signed, and when it is properly signed, the changes are accepted. This means that there is no password list on the Eligius server to steal, and none to remember for its miners. It’s pretty clever, really.
There are a lot of good reasons why even non-bitcoin-related web services might want to adopt this method of authentication
The system is pretty simple. You just have to remember which address you used as your account.
The upsides to using bitcoin addresses for login credentials are many. There are no passwords to be stolen / forgotten / recycled by users, and no list of passwords on the server. A system like this also protects one against the case in which Alice, the person running the web service, is maliciously collecting user passwords.
Not only that, but a lot of people already have a bitcoin wallet. The algorithm for signing messages is standard, and the software is free and open-source.
There are some downsides to a bitcoin authenticator too
The first thing that people notice about bitcoin addresses is that they’re long and seemingly random strings of letters and numbers, which can be off-putting. We’re used to human-readable usernames, so that we can log in to our accounts on strange computers, with passwords that we also remember.
There isn’t really a way around this. This system is designed to prevent login credentials from being simple enough to be remembered by a human. That said, there’s nothing preventing a web service from allowing you to have a “handle” or a “real name” associated with your bitcoin address that could be human readable.
As far as logging in on multiple devices goes, this might present a bit of a challenge, since a bitcoin address’s private keys are usually only kept on one device—the wallet on your computer, or in an app on your phone. A well-designed web service could allow for a user to associate multiple bitcoin addresses together, so that she could log in to the same account on different devices that have different bitcoin addresses on them.
If you lose the private keys for your bitcoin address, there’s nothing anyone can ever do to recover them. You can see this as a bug or a feature. If you want to close an account on a web service forever, just trash the private keys for that bitcoin address, and no one can ever open it again. But if you have a hard drive crash, and you didn’t think to make a backup, or if you lose all your backups simultaneously, then there’s nothing that can be done for you.
Private keys, like anything digital, can be stolen—either by a person with a USB drive who’s physically at your computer, or by malware. Then again, this is also true of your encrypted password lists, and I think it would make the situation no worse than what we currently have with the username/password paradigm.
MediaWiki is free and open source software. It is most famously used as the software that Wikipedia runs on. Because it is free software, anyone can take the source code and make a fork of the project, in which she adds her own new features. Same thing goes for WordPress. There’s part of me that’s very strongly tempted to fork both of these projects such that they allow bitcoin addresses for authentication, and then lobby to have it merged back into the main project.
But then the holdup for projects like these is always one of acceptance, rather than just the technical re-programming of the software. Anyone have contacts at MediaWiki or WordPress or other free/open-source projects, who would be open to this kind of suggestion?
Table 1: Levels of security for bitcoin wallets and analogues in user authentication

| Bitcoin wallet | Analogue in user authentication |
|---|---|
| “Like letting a stranger hold a wad of cash for you” | Cloud-based password managers: “A million times better than what most people do” |
| Locally stored bitcoin wallet: “At least it’s not a web wallet”. E.g. Bitcoin-qt, with encryption not enabled | List of passwords on local computer only: “At least you’re not using the same password for everything”. E.g. Excel spreadsheet on desktop |
| Locally stored and encrypted bitcoin wallet: “Not the worst, but don’t keep your life savings there”. E.g. Pretty much any wallet has encryption by default | Locally stored and encrypted password list: “This is what most users would aspire to”. E.g. Keychain Access on the Mac |
| Paper wallet or private keys on offline computer only: “The gold standard for bitcoin wallet security”. E.g. Bitcoin Armory paper wallet | |
(Edit 2014 Jan 29: Added Table 1 to aid in responding to Morty’s comment below.)