# 12.1 Password-Based Authentication

*What PTERI replaces — and why it is no longer needed*

> This section compares PTERI with legacy and modern alternatives, and explains **which systems become obsolete** once cryptographic authority is the foundation.

PTERI does not coexist with multiple trust models.\
It **collapses them into one**.

***

### Legacy Model vs PTERI

| Category                    | Traditional Model                     | Problems                                                       | PTERI Replacement                                                          |
| --------------------------- | ------------------------------------- | -------------------------------------------------------------- | -------------------------------------------------------------------------- |
| Authentication              | Passwords stored or hashed on servers | Phishing, credential reuse                                     | <mark style="color:$primary;">**No passwords**</mark>                      |
| Account Recovery            | Email or SMS-based recovery           | Recovery channels can be hijacked (SIM swap, email compromise) | <mark style="color:$primary;">**No recovery secrets**</mark>               |
| Multi-Factor Authentication | MFA layered on top as a patch         | Adds complexity, still relies on shared secrets                | <mark style="color:$primary;">**No MFA add-ons**</mark>                    |
| Credential Storage          | Centralized databases of credentials  | Database breach exposure                                       | <mark style="color:$primary;">**No credential databases**</mark>           |
| Operational Complexity      | Multiple systems layered together     | Complex recovery flows, high operational overhead              | <mark style="color:$primary;">**Single wallet signature primitive**</mark> |

***

### What Changes Fundamentally

| Legacy Assumption           | In PTERI                                                                           |
| --------------------------- | ---------------------------------------------------------------------------------- |
| Secrets must be stored      | <mark style="color:$primary;">**No secrets stored on servers**</mark>              |
| Credentials prove identity  | <mark style="color:$primary;">**Cryptographic signature proves identity**</mark>   |
| Authentication is layered   | <mark style="color:$primary;">**Authentication is native to the primitive**</mark> |
| More layers = more security | <mark style="color:$primary;">**Fewer trust surfaces = stronger security**</mark>  |

***

### Core Principle

> *"If there is no secret, there is nothing to steal."*

Wallet signature replaces the entire legacy authentication stack.

***


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.kakrlabs.com/12.-comparisons-and-obsolescence/12.1-password-based-authentication.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.