Hello Privacy Subscribers of Lemmy, I’m Webhost0101. With the help of ChatGPT, I’ve been exploring the challenges we face with digital identity, particularly regarding the use of email addresses. I’ve developed a concept aimed at enhancing privacy and security in our digital interactions.
Identifying the Problem: Our dependence on email addresses as universal identifiers exposes us to various privacy and security risks. The dual nature of emails - serving both as identifiers and gateways to personal communication - presents a significant challenge. The goal is to create a system that can help gradually step away from this bad practice.
The plan
The plan involves converting email addresses into hash codes to serve as digital identifiers, with these codes usable in both digital and physical realms through personalized QR codes. This approach offers a secure and private method for identity verification. While similar systems exist that use QR codes for login purposes, this concept is distinct because it does not store any authentication keys. It only maintains a ‘username,’ which is the hashed email, and instructions on how to convert an email address into this username. This ensures enhanced security, as the ‘Sign’ system is designed primarily for identity verification without directly facilitating authentication or access.
The Concept: Creating Your ‘Sign’
- Initial Step: Visit the ‘Sign’ website and input your email to start the process.
- Email Verification: Receive a unique link via email, confirming your email’s validity.
- Hash Generation: Use the unique link to select from multiple hashing algorithms or a default option. This generates a hash code, presented as both a string and a QR code, encapsulating the hash and the algorithm/options used.
- Optional AI Art Generation: You have the option to generate AI-based art from the QR code, adding a personalized aesthetic touch.
- Finalizing the Sign: Enter your ‘Sign’ into the system, which stores only the sign including the algorithm/options used. No email addresses, names, or URLs are kept.
- Receiving Your QR-Art: Obtain a high-quality image of your QR-art for printing on various personal items.
Using ‘Sign’ for Digital Identification
- Online Login: On supported platforms, log in with your ‘Sign’ rather than your email address. The service checks for a corresponding email in their database that produces the same hash with the chosen algorithm/options. Services can eventually replace emails with ‘Signs’ for regular users.
- Real-Life Usage: In physical stores, use your QR-art ‘Sign’ when asked if you have an account/booked a table.
Security and Privacy Considerations
- Robust Encryption and Data Protection: Implement strong encryption and secure data handling practices.
- Multifactor Verification: Use the ‘Sign’ as part of a multifactor identification process, alongside other verification methods.
- Handling Hash Collisions: Establish protocols to manage the unlikely event of hash collisions, ensuring system integrity.
Advantages and Use Cases
- Enhanced Privacy: Limits the need to share email addresses, reducing spam and data breach risks.
- Versatility: Applicable both online and offline, enhancing convenience.
- Personalization: The AI-generated art offers a unique, personal touch to each ‘Sign’.
Conclusion: The ‘Sign’ system proposes a novel approach to digital identity, focusing on privacy, security, and user convenience. It represents a potential step forward in how we handle and protect our digital identifiers across various settings.
Others beat me to the punch on saying this is just worse WebAuthn, but there are some specific flaws that boil down to saying that this whole thing is, at best, totally inconsiderate of real attack vectors such as phishing.
Huh? What does this even mean? How can you avoid sharing your email and replace it with a sign, if they need to check it against their database of… Emails?
Ah excellent. Someone can just look at a security camera or just snap a photo over your shoulder and steal your sign then. Because your proposal sure doesn’t note any way that these are 1-time use only. And if they were, this sounds like an awfully inconvenient way of receiving a temporary number (which sites usually only ever do as a cheap/bad 2FA method/password resets)
Oh boy, better make sure to not get phished! Or that the link is 1 time use! Or that you aren’t being victimized by a MITM attack and getting it intercepted immediately!
I mean, a fair amount of people have pointed out my system is flawed and has been done better, so it’s kinda a waste of time, but I don’t think these are good arguments against it, so I will try to clarify this a bit more.
The sign is not a point of entry; it doesn’t matter that people can copy it any more than people can have the same first name as you. There is very little anyone can win by knowing or copying your sign except maybe light bullying. It definitely isn’t worse than what a stranger can do with your email address. It is a name people can use to identify you, but it’s not a proof of identity on its own; you’d need to combine it with something like a password for that.
At this point in time every site, every store, every account is made using your email; the databases already exist. Rather than just inventing a brand new system for new sites, I thought of something that could work with the current one. They only need to check their existing database once per email and change it into the hash, so now the user can log in using the hash and can no longer log in using the email.
The email verification thing is bog-standard procedure we use today, built into every account registration setup to guarantee that it’s the owner of the email that is making an account; I would be using it the same way to make sure you can’t create a code for someone else’s email. You may wonder how to do this when there is no more email in the registration for other sites. Easy, there is no initial check; it’s not a problem IRL that people have the same name, neither is it a real problem that someone used your sign for a login. I can’t see a reason why they would, but next to “Forgot password” there is now “Someone else has used my sign”. In this case the site could still ask for an email address as a secondary identifier, cross-reference the email against the code itself (as the code contains the algorithm to convert the email into the code), and send a standard verification mail so the owner can prove ownership. The old account gets deleted and they get a new one. Using someone else’s sign can’t be stopped, just like you can pick any first and last name on Facebook, but because we know the signs to be unique it should be against TOS to create an account using a sign made with an email you don’t own without permission.
This has gone on too long again. It’s a flawed idea, I won’t actually execute it and I pretty much expected it to be shot down; the feedback is still valuable to me, which is why I did it.
I’ll summarize myself and my initial intentions in a final stance:
I firmly stand against the practice of using email addresses as usernames for online identities. There are good reasons for sites to require your email address, but a username or way to log in is not a good reason for such sensitive communication-information.
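The service-side lookup and the one-time database migration described in this thread, as an added example that is not part of the original posts. The `algo:hexdigest` sign format, the lower-casing of emails, the algorithm allow-list and all function names are assumptions made for illustration.

```python
from __future__ import annotations
import hashlib
import hmac

# Assumed allow-list: the sign names its own algorithm, so the service
# must refuse anything it has not explicitly approved.
ALLOWED_ALGOS = {"sha256", "sha512", "sha3_256"}

def make_sign(email: str, algo: str = "sha256") -> str:
    """Build a sign in the assumed form '<algo>:<hex digest of the email>'."""
    if algo not in ALLOWED_ALGOS:
        raise ValueError(f"algorithm not allowed: {algo}")
    normalized = email.strip().lower()  # assumed normalization rule
    digest = hashlib.new(algo, normalized.encode("utf-8")).hexdigest()
    return f"{algo}:{digest}"

def parse_sign(sign: str) -> tuple[str, str]:
    """Split a scanned or typed sign and validate both parts before use."""
    algo, sep, digest = sign.partition(":")
    if not sep or algo not in ALLOWED_ALGOS:
        raise ValueError("unsupported or malformed sign")
    hex_len = hashlib.new(algo).digest_size * 2
    if len(digest) != hex_len or any(c not in "0123456789abcdef" for c in digest):
        raise ValueError("digest has wrong length or characters")
    return algo, digest

def find_email_for_sign(sign: str, emails: list[str]) -> str | None:
    """Pre-migration lookup: rehash each stored email with the sign's algorithm."""
    algo, _ = parse_sign(sign)
    for email in emails:
        if hmac.compare_digest(make_sign(email, algo), sign):
            return email
    return None

def migrate(accounts: dict[str, dict], algo: str = "sha256") -> dict[str, dict]:
    """One-time migration: re-key every account from email to sign."""
    migrated: dict[str, dict] = {}
    for email, record in accounts.items():
        sign = make_sign(email, algo)
        if sign in migrated:  # two rows yield the same sign: stop, never merge
            raise ValueError(f"sign collision for {sign[:16]}...")
        migrated[sign] = record
    return migrated

# Constructed sample data
ACCOUNTS = {"alice@example.org": {"id": 1}, "bob@example.org": {"id": 2}}
```

The pre-migration lookup only works because the hash is deterministic and uses no secret, so the service can recompute it from the emails it already holds.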