need for password

I'm working on >something< and I was searching through some older posts, found two interesting pieces:

Everything's simple until it aren't
"add alternative cert"

AFAIU, this functionality in Bubble is to add additional cert while signing off with current user cert.

So my question, likely to @skyjake is: is there any reason _NOT_ to allow user to manually add cert via fingerprint?

I'm asking as I'm planning something along the lines and am curious if there's something I might be missing.

Posted in: s/Bubble
⛄️ gim

Aug 18 · 4 months ago

4 Comments ↓

👾 jecxjo · Aug 18 at 21:32:

I would say not only is it a good idea to support multiple certs, but a cert-less solution of account recovery is needed.

⛄️ gim [OP] · Aug 18 at 21:50:

from what I can see Bubble already has certless solution, where you can point in your profile to web location of _some_ pem cert (pem cert doesn't have to be there, as long as you'll be able to place it there when you want to recover)

🕹️ skyjake [mod...] · Aug 19 at 03:27:

I suppose you could allow just entering a certificate fingerprint, although I can think of downsides:

⛄️ gim [OP] · Aug 19 at 06:52:
If you don't have access to copy/paste, it's a nightmare to enter a long string of random numbers and letters correctly.

Right, although I had to admit in case of Lagrange it's superb convenient.

As for 'random letters', I don't have much good thing to say about blockchain space, but one thing that's quite cool are encoding (almost arbitrary binary data) using mnemonics; although I have to admit, typing 24 words does not sound like fun either.

The password/remote certificate (..)

I'm aware of that (although tbh I'm more into "back it up" camp).

You must have a working cert to prove your identity if you want to add another via fingerprint.

That's correct my thinking was along the lines: "add an alternative before it's too late".

Anyway, thanks for clarification, now I'll need to come up with some alternative way to add accoun recovery ;)