Yes. Authentication via shared secret (aka password) is actually ideal from most use case angles.
Sure it's broken if that password is "password123". And remembering 20+ characters (minimum to be good) isn't practical.
But all that is solved problem with password managers. Generate very long truly random & unique passwords which are never reused and that is actually very strong.
Sure it's broken if that password is "password123". And remembering 20+ characters (minimum to be good) isn't practical.
But all that is solved problem with password managers. Generate very long truly random & unique passwords which are never reused and that is actually very strong.