10
Aldar
41d

Having gone to a bank to reset a password again today (Yes, I forgot it for like... 3rd time, don't judge me, its my backup bank account I need to access like... once a year), I was once again made to think - I come in, give them my state ID by which they authorize that I can even make a password reset request.

Then they give me a tablet to... sign a contract addendum?

Its not the contract part that always makes me stop and think though - its the "sign" part.

I'd wager that I am not the only one who only ever uses a computer to write text these days. So... My handwriting got a lot jerkier, less dependable. Soooo... My signature can be wildly different each time.......

And if my signature varies a lot... then... what is the point of having it on a piece of paper?

I know its just a legal measure of some sort... And that, if it came down to someone impersonating me and I'd go to court with the bank, there would be specialists who can tell if a signature was forged or not... But...

Come on, the computer world has so much more reliable, uncrackable, unforgable solutions already... Why... Don't all folks of the modern world already have some sort of... state-assigned private/public keypairs that could be used to sign official documents instead?

It costs money, takes time to develop etc... But... Then, there would not only be no need to sign papers anymore... And it would be incredibly hard to forge.

The key could even be encrypted, so the person wishing to sign something would have to know a PIN code or a password or something...

tl;dr: I hate physical signatures as a method of authentication / authorization. I wish the modern world would use PKI cryptography instead...

Comments
  • 1
    As someone with shite handwriting to begin with, i think of this every time I have to sign for anything. Wish bio signatures were a more prevalent thing.
  • 4
    > Come on, the computer world has so much more reliable, uncrackable, unforgable solutions already...

    And yet you still aren't using a password manager.
  • 2
    It's more about how you write it than how similar it looks every time. Any person could learn to make a similar looking signature, but it's harder to learn to make it vary the way it does when you write it.
  • 0
    @gronostaj I am sticking with google pw manager for now. Has everything I need for now, including 2fa through a physical securitu key (Yay yubikey)

    I did, for a time, consider a browser-independent pw manager, but after the disappointment with lastpass, I am taking a break before trying other options.
  • 1
    @electrineer does writing as if my hand and wrist was constantly cramped up count as a style of writing? I swear, I can hardly write so that anyone beyond myself can read it, or, write incredibly slow in all capital block font...
  • 0
    Signatures still tend to be quite unique, in the sense that there are certain characteristics to the way they were written that are mostly subconscious. There are people trained to pick out such minute details and compare them to other documents you might have written on, should they go so far.

    Even if not, forging a signature is still a very difficult thing. As long as people are hesitant to forge signatures, it does help deter forging. Forging a signature on an important document is often a pretty serious crime, after all.

    It also has you extensively touch the paper, which of course leaves tons of prints. Putting your signature on something is also a very conscious act of agreement that eyewitnesses can bear witness to, which combined with the fact you were at the location at a given time, can definitely be used to figure out if the signature is legitimate or not.

    But of course, it's an old system with tons of security holes. It's a simple system, though. Nothing is foolproof.
  • 0
    @Aldar What was disappointment with LastPass ?
  • 0
    Also, once we’d have digital signature in place why to go physically to a place ... looking forward to the future :)
  • 0
    @kLue I went to import the password list from google and... The specific option to import it from chrome... And it failed.

    Tried generic settings... Failed.

    Googled it, and found threads of lots of people having the same issue... But... what ticked me off was how LastPass support apparently didn't care / took incredibly long to respond / didn't respond at all...

    I don't want to give my money to a company like that.
  • 0
    Whenever I have to sign for something electronically at a store, I just draw a penis. I read some article about it (where the author did it for weeks or months until he got caught and was embarassed and didn't do it again) when I was a teen and just got into the habit of it...

    Yeah idk why the signatures are important either.
  • 0
    @Aldar ouch I see man, well I started to use them from the beginning so didn’t encounter this side of theirs :P
Add Comment