340M credentials just dumped. 94% of passwords are reused across accounts.
The attacker doesn't break in. They log in.
A wallet that authenticates with your face and requires your trusted circle to move funds isn't paranoia. It's just math.
GET RID OF CREDENTIAL BASED SECURITY
94% of leaked passwords are reused. So we added SMS MFA. Then SIM swap made your phone number a password too.
The attack surface didn't shrink. It just moved somewhere carriers control and you don't.
#web3#blockchainsecurity
https://t.co/ZX3hgZ6KHC
Treasury just proposed treating stablecoin issuers as banks under the BSA — full AML, full KYC. Compliance doesn't care if your wallet is self-custodied or institutional anymore.
https://t.co/sFlWhOIzlh
🎙️On the Crypto Conversation podcast, we're with @MJProjectHaven founder @Haven_Official1, the world’s first wallet with live biometric authentication. ICO is live 🎧 https://t.co/LaduvhikBC
The Verus bridge didn't get hacked because the code was broken. It got hacked because the verification layer trusted the wrong signal.
Credential based auth is not enough. We need proof of owner authentication.
#humanintheloop#cryptonews#defihacks
https://t.co/WS2j0rf1KX
The RSAC debate: 'human in the loop' doesn't scale, so let's move to 'human on the loop.' Fine — but the problem was never too much human oversight. It was humans approving things they didn't actually verify. Those aren't the same issue. #infosec
https://t.co/qQWMMcfo1n
Regulators just fined crypto exchanges $900M+ for weak KYC and are now mandating biometric identity at the wallet level. The industry spent years treating 'know your user' as friction. Turns out it was the floor. #crypto#compliance#biometricsecurity
https://t.co/ZLCnsi4GXh
Operation Atlantic: $45M drained not by exploits, but by users clicking 'approve' on a fake popup. The wallet did exactly what it was told. That's the problem. Signing ≠ consenting.
#cryptonews#web3security#CryptoDaily#Blockchain
https://t.co/64i0pkSfjJ
Three top security firms just confirmed it: crypto's biggest losses no longer come from smart contract bugs. Attackers now target the human signing the transaction. The UI lies. The signer approves. Funds gone. The weakest link has always been unverified authorization.
@humntech HAEN does this - the wallet is linked to the owner’s biometric. No passwords - no seed phrases.
We remove credentials completely.
1) if it’s not you, it’s not possible
2) no credentials = nothing to breach
@SOLdeadinternet@Xeer Totally agree - the biggest technological challenge today.
We need global adoption of human authentication protocols. We need to know more than ever that a human owner is behind key actions.
@alexmacgregor__ Totally agree - but the requirement should be “human authenticated actions”.
The Orb is good in theory, but in reality its limitation is in the Orb device. AI is on every phone, a phone based human authentication is the only answer.
Wild that 450 million people have verified themselves via the World 'Orb' that scans users eyeballs and faces to create a "proof of human" signature.
But is it really tho? Proving you are human may become one of the most valuable credentials online assuming AI agents get to like 95% of online content.
Thoughts?
@AlfinCodes@devXritesh Authentication today isn’t who you are. It’s who has the credentials.
It’s the biggest vulnerability in security - that if you have the password, you are the account owner.
We are entering an era where human authentication is key.