Indispensable for Identity Assurance are 1. Volition of the User 2. Practicability of the Means 3. Confidentiality of the Credentials 1. Identity authentication with no confirmation of the user’s volition would lead to a world where criminals and tyrants dominate citizens. https://youtu.be/UJDBZpX1a0U (30 seconds) https://www.valuewalk.com/2017/08/nist-password/ 2. Mathematical strength of a security means makes sense so long as the means is practicable for us Homo sapiens. https://www.youtube.com/watch?v=Q8kGNeIS2Lc (100 seconds) https://www.slideshare.net/HitoshiKokumai/password-fatigue-and-expanded-password-system 3. The credentials for identity authentication must be ‘secret’, not ‘ unique’ https://pentestmag.com/make-sure-not-mix-identification-authentication/ Any one of them missing, it would not qualify as a valid identity authentication means. Claiming otherwise would end up with spreading a false sense of safety.