When I read the keynote highlights I assumed Apple were extending the existing (iCloud) Keychain/Safari integration to include username generation, and obfuscated email generation resolving to your iCloud account. Since they implemented 2FA codes auto filling in the QuickType bar in iOS 12, they could've extended this UX further, or used 'Siri suggestions' to complete email verification.
I assume they didn't take this approach as it's harder to present a consistent call to action to initiate sign up, but it seems like a missed opportunity to me.
Does anyone know of a password manager that allows you to generate unique email addresses as a part of the core UX?
Ideally, they would work with Solid, a standards based approach to decentralized identity, to provide a general solution, rather than creating yet another new one.
I find Solid incredibly interesting academically, and watch it with interest, but I'm sadly skeptical that it'll find traction— it requires both substantial development resources (as apps need to be rewritten to its standards) and a change in consumer behaviour.
I'm reminded of this Steve Jobs response from WWDC 1997 [1]:
> One of the things I've always found is that you've got to start with the customer experience and work backwards for the technology. You can't start with the technology and try to figure out where you're going to try to sell it. And I made this mistake probably more than anybody else in this room. And I got the scar tissue to prove it.
The beauty of the implementation I described is that it could work with any existing (web) app with little-no development effort while leveraging affordance users already have from using Touch/Face ID to authenticate Keychain, Apple Pay etc.
Until a proposal like Solid is widespread, I'd love for a browser/password manager vendor I trust (for me, Mozilla or Apple) to integrate with a privacy-forward email vendor for unique email addresses to provide a less 'fingerprinted' approach to auth, useful today with all legacy (web) apps.
I don't disagree with what you're saying. But it's also reasonable to focus just on working with those who see the same thing you do, and develop widely usable systems based on that. That's where everything comes from, basically. If we keep pandering to the lowest common denominator, the results will always be compromised.
GDPR is having a big impact on these discussions. Organizations don't want to own data any more. It would be a true tragedy of more collapsing of the net if it came down to using one of a few big providers, without alternate options. Yet we're seeing this happen, since many sites now only offer login via social media, with no option via email. IMO, these sites should be boycotted.
When I read the keynote highlights I assumed Apple were extending the existing (iCloud) Keychain/Safari integration to include username generation, and obfuscated email generation resolving to your iCloud account. Since they implemented 2FA codes auto filling in the QuickType bar in iOS 12, they could've extended this UX further, or used 'Siri suggestions' to complete email verification.
I assume they didn't take this approach as it's harder to present a consistent call to action to initiate sign up, but it seems like a missed opportunity to me.
Does anyone know of a password manager that allows you to generate unique email addresses as a part of the core UX?