In-reply-to » Today I was playing a bit with 'useless stuff' like Client Certificates, S/MIME email encryption, email certificates, passwordless ideas, and static web generators.

@prologic@twtxt.net Thanks! Well, a vaultless password manager is not ‘passwordless’ but I get your point. Not having to actually remember a password.

I’ve been playing with https://spectre.app although I think having to remember a Master Password + your accounts makes it difficult to use for the average user. You have to remember how exactly the username is stored, or… Having a vault again.

I’m thinking more of getting a dynamic password, like a 9-digit OTP or similar, with seeds/keys stored in some device, like we actually do for 2FA/TOTP. It’ll not be a 2-factor authentication, so I’m going around in circles.
Also, I’ve heard of OPAQUE as a way to avoid transmitting passwords, but that’s another topic https://ctrlc.hu/opaque/

And lastly (for my 280+ characters twt), I like WebAuth with multiple implementations. Perhaps with the support of OS designers, it would be easier for users https://www.wired.com/story/apple-passkeys-password-ios16-ventura/ https://docs.microsoft.com/en-us/windows/security/id
