need for password

I'm working on >something< and I was searching through some older posts, found two interesting pieces:

Everything's simple until it aren't

"add alternative cert"

AFAIU, this functionality in Bubble is to add additional cert while signing off with current user cert.

So my question, likely to @skyjake is: is there any reason _NOT_ to allow user to manually add cert via fingerprint?

I'm asking as I'm planning something along the lines and am curious if there's something I might be missing.

Posted in: s/Bubble

⛄️ gim

2025-08-18 · 9 months ago

4 Comments ↓

👾 jecxjo · 2025-08-18 at 21:32:

I would say not only is it a good idea to support multiple certs, but a cert-less solution of account recovery is needed.

⛄️ gim [OP] · 2025-08-18 at 21:50:

from what I can see Bubble already has certless solution, where you can point in your profile to web location of _some_ pem cert (pem cert doesn't have to be there, as long as you'll be able to place it there when you want to recover)

🌆 skyjake [mod...] · 2025-08-19 at 03:27:

I suppose you could allow just entering a certificate fingerprint, although I can think of downsides:

• To avoid potential clashes you'd need the entire (or most of the) fingerprint, which is uncomfortably long.
• The UX is poor. A user may not have a way to acquire the fingerprint without special tools. If you don't have access to copy/paste, it's a nightmare to enter a long string of random numbers and letters correctly.
• The password/remote certificate solution means you can add the alternative cert even after you've lost your main one. You must have a working cert to prove your identity if you want to add another via fingerprint.

⛄️ gim [OP] · 2025-08-19 at 06:52:

If you don't have access to copy/paste, it's a nightmare to enter a long string of random numbers and letters correctly.

Right, although I had to admit in case of Lagrange it's superb convenient.

As for 'random letters', I don't have much good thing to say about blockchain space, but one thing that's quite cool are encoding (almost arbitrary binary data) using mnemonics; although I have to admit, typing 24 words does not sound like fun either.

The password/remote certificate (..)

I'm aware of that (although tbh I'm more into "back it up" camp).

You must have a working cert to prove your identity if you want to add another via fingerprint.

That's correct my thinking was along the lines: "add an alternative before it's too late".

Anyway, thanks for clarification, now I'll need to come up with some alternative way to add accoun recovery ;)