> Is it only theoretical, or is there any sample code?
Ah, not exactly. I saw it a something that could become a draft standard. That said, the test vectors do come from a program that implements it by hand[0].
I assume we could write one that would implement it for the command line (say, for cURL), but the design is really meant to be implemented by browsers.
> You could associate (some or all of) them with an account
Yes. In this instance, the account is the browser’s Sync system, which synchronizes between devices.
> I don't think we will ever eliminate passwords in the sense that a person will never need a password ever again
My belief is: we should only ask each individual to only remember a single password throughout their life, so that it can be strong enough to outlast them[1].
Ah, not exactly. I saw it a something that could become a draft standard. That said, the test vectors do come from a program that implements it by hand[0].
I assume we could write one that would implement it for the command line (say, for cURL), but the design is really meant to be implemented by browsers.
> You could associate (some or all of) them with an account
Yes. In this instance, the account is the browser’s Sync system, which synchronizes between devices.
> I don't think we will ever eliminate passwords in the sense that a person will never need a password ever again
My belief is: we should only ask each individual to only remember a single password throughout their life, so that it can be strong enough to outlast them[1].
[0]: https://github.com/espadrine/espadrine.github.com/blob/maste...
[1]: https://espadrine.github.io/blog/posts/memorable-passwords.h...