Why haven't asymmetrical keys replaced passwords yet?

imagined security scheme:
1.Generate public/private key pair
2. share public key when creating account with whomever.
3. when logging in, account will send you random string
4. your browser will encrypt string with private key
5. account will decrypt string with your public key, if it is the same string they sent, you are authenticated.

Follow

@zacharius client side ssl certificates are (handwaving) basically this. Here's an article from *10 years ago* lamenting that they never caught on. blog.pilif.me/2008/05/26/why-i

Sign in to participate in the conversation
Tiny Tilde Website

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!