Make passphrases optional

[lyndsysimon]

The whole point of Keybase is to connect cryptographic credentials to a federated identity, correct? That being the case, why do we need to provide a passphrase specific to Keybase at all?

I propose you allow users to sign in with other forms of cryptographic proof. For instance, you could provide them a nonce value, which they must sign with their previously-provided public key. Upon registration, users could simply provide a public key instead of setting a passphrase in the first place.

[englishm]

This is particularly bad if a user has uploaded their private key and associated it with their account. (cf. #160) This makes for very weak security.

[tildelowengrimm]

I agree with @lyndsysimon. Forcing Keybase to keep a user/password database and be responsible for ensuring that only a registered user can edit material seems like a loosing proposition. Why not make all profile info & editing key-based, and move the web GPG client functionality onto a separate subdomain with a restricted CORS policy.

[michel-slm]

Agreed. Just got in a situation ( #858 ) where I had a newly activated account with somehow no passphrase set and due to some DNS problem I temporarily couldn't receive the password reset confirmation. Which shouldn't be necessary in the first place as I could still access my account from my logged in browser and change keys, prove identities etc.