Reading a blog entry by Rebecca Lawson on SQRL passwords and I did a double-take because I thought I missed something. What the heck is SQRL?
Gibson Research describes SQRL as
“Proposing a comprehensive, easy-to-use, high security replacement for usernames, passwords, reminders, one-time-code authenticators . . . and everything else.”
From what I’ve read, the SQRL approach is flexible whereby it can be tied to user identity or not. The choice to tie it to a user identity is up to the implementation on the back-end of the application.
Rebecca Lawson’s blog entry