Regarding the original whitepaper we’re no more using a “normal” password to secure a @unikname
For end users that means that the unikname app acts as a cryptographic wallet, himself secured with the device (smartphone) security API : pincode and fingerprint.
Technically the user do not use any password to authenticate on a website. uns.network authentication protocole combine two things :
- oAuth and OpenID Connect authentication standards, where no more password are exchanged
- specific cryptographic algorithm to make every authentication fully private. When a user is connected to website A, authentication information are totally different from the one used when you’re connected to website B. So a hack on a website could not have any border effect to all your other website accounts.
User could have multiple @unikname to be connected on different websites, but with our solution it’s even not required because the @unikname himself is never shared.
The main objective is to be highly secure, while keeping a high level of privacy and confidentiality, with a great UX for end users.