There was a recent HN about a better way to protect bitcoin wallets that was like this.
I think the idea was, we already have multisig, where it takes M of N parties to perform a transaction. But that's no good for individuals everyday transactions.
But why can't M of N just be used to perform one special kind of transaction, which is "reset my password"?
And it doesn't have to actually be other people. If you don't have any friends you want to trust, the other M of N parts could all be other things of your own. Other devices, thumb drives, hardware keys, printed qr codes, memorized phrases, etc. Maybe some inconvenient to access but they exist if things get bad enough.
It seems perfectly doable, and the only reason the Apples and Googles of the world aren't doing it, or at least working on it, is because they're choosing not to.
Another comment actually said that Apple were working on this and eve had it largely worked out, and it was actively killed.
There seems to be no fundamental technical or user problem making good user security impossible. Simply too many powerful entities for their different reasons don't want most people to have it.
I think the idea was, we already have multisig, where it takes M of N parties to perform a transaction. But that's no good for individuals everyday transactions.
But why can't M of N just be used to perform one special kind of transaction, which is "reset my password"?
And it doesn't have to actually be other people. If you don't have any friends you want to trust, the other M of N parts could all be other things of your own. Other devices, thumb drives, hardware keys, printed qr codes, memorized phrases, etc. Maybe some inconvenient to access but they exist if things get bad enough.
It seems perfectly doable, and the only reason the Apples and Googles of the world aren't doing it, or at least working on it, is because they're choosing not to.
Another comment actually said that Apple were working on this and eve had it largely worked out, and it was actively killed.
There seems to be no fundamental technical or user problem making good user security impossible. Simply too many powerful entities for their different reasons don't want most people to have it.