
Oh you’d have a password!

Because you just said people lose their passwords all the time. So then what?

Unlike private keys they can also enter them in other sites, reuse them, and get phished and much more.

But yes, private keys bad! because they are cryptography and cryptography is crypto and crypto is scams and grift and there is a whole new cargo cult we have to be in now…



Passwords can be reset. There's always a manual override. For most online accounts, you can restore your access to them from absolute zero — i.e. when you find yourself naked on the other side of the world and your house has also burned down and you also forgot all your passwords. It'd take time and it won't be an easy process, but it is ultimately doable.

But if it's a private key, you lose it and it's game over. You have to create a new identity and start over with everything that was tied to your old one. Worse yet, if you leak your private key, you can't stop other people impersonating you.


Oh is it magic? How do you authenticate yourself enough to reset a password? It’s almost like, you need something else. Such as a device that stores a private key.

Also, everything you said about resetting passwords can be done for resetting private keys too. The difference is that you don’t go around reusing it and typing it into phishing sites.

And if you think getting access to an account where you are totally butt naked and forgot the password is normal, I have a million gmail users who would love your wisdom.


> How do you authenticate yourself enough to reset a password?

With a government-issued identity document.


Look, I get where you’re coming from. But all this can also be done with cryptography. What you’re describing has a standard called Verifiable Credentials. They can be issued by some trusted organization.

The trouble is, of course, that this organization can have corrupt employees issue the credentials to anyone if the amount of (social or monetary) capital to be stolen is large.

And furthermore, the credentials like an identity document can be trivially copied and presented online, by anyone you ever presented it to. So can credit cards.

Identity Theft is quite common around the world since many organizations allow people to make accounts over the internet, without even notifying your phone about it.

And finally, by trusting the government with your very identity, you give them the power to encroach further on your privacy:

https://www.techdirt.com/2022/06/29/california-legislators-s...

https://www.theregister.com/2022/02/28/online_safety_bill_do...

Since you are against relying on cryptography for authentication and instead prefer to rely on the government to supply your very identity, I suspect you wouldn’t have a problem with requiring a passport to use Facebook. But perhaps you’d have a problem with what they will do NEXT once everyone is required to collect this information from you. After all, “crypto bros” are just about ponzi schemes right?



