Wednesday, May 31, 2023

Authorization

Apologies in advance for the "longer than usual" post.  It's in regard to "securing" an individual's valuables or invaluables.

Let's make some key points:
  • Usernames or passwords are not very secure or too secure.
    • An individual can "forget them" or "lose them" at any time.
  • Many "accounts" or "sites" require them.
    • For better or worse, few "requirees" share individual "logins" with others.
    • So an individual must remember a different username or same password per "requiree".
  • PINs are simpler or easier.
You may agree or disagree with those points.

Regardless, it may or may not help to be backward:
  • A 7- or 8-digit PIN can or should replace all individual "logins".
    • It's more difficult or slower to "guess".
  • There can or should be a single "authentication" or "authorization" service that makes sure "you're you".
    • That means a single entity provides the "core service".
    • All "cards" then become "debit cards" - no more "credit cards" which have essentially "no security".
  • An individual's "personal data" can or should be kept in 1 place only.
    • Keep it with the "core service".
  • An individual's "phone number" can or should replace a "card".
    • Using said phone to access "said service" can or should nearly guarantee "you're you".
  • Security questions can or should be answered "forward" or "backward".
    • Only an individual knows "which is which".
    • Any other individual can or can't use another's "data" to "hack in" - even when they know it.
Those "arguments" or "opinions" are of high or low detail.

Surely, the "fine points" can be "adjusted".
