Snail-paced development

How the Passwordless.ID development is currently in a slump.

The situation

Passwordless.ID isn't progressing lately. While I would love to have Passwordless.ID already done and wrapped up, it's still far from it.

The reason: lack of time, lack of resources.

It's a personal project. It's not some big company or big bucks behind this. It's just an idealistic me, cursing at the utterly complex always forgotten passwords as a user and cursing at OAuth2 providers for the incurred complexity you have to deal with as a developer. Not to mention the account breaches due to insufficient precautions. With the recent WebAuthn/Passkeys protocol, started my journey to simplify all this. Make things simple, secure and "passwordless" for everyone. That was the goal (and still is).

However, as I mentioned before, it progresses at a snails pace. I sometimes work on it when commuting in the train, sometimes an hour in the evening or during the week-end. But this is not very productive. What should take hours take days, what should take days take weeks, what should take weeks take months. And it all overlaps with my personal time, which sometimes feels pleasant, sometimes feels like a burden, resulting in development even more spread over time.

And this feels quite annoying in itself. When developing in such a way, small piece after small piece, everything takes so long. You don't have this burst of productive work with satisfaction that a big chunk is done. It's like watching a snail sloooowly move without feeling any substantial progress.

It's ready to be overtaken by other "authentication solutions". Or rather, lagging behind the whole time. But who knows, there is a saying "slow and steady wins the race", and that's exactly what I'm doing now. I still work on it every week and small habits also get things done over a long time.

The solution attempt

There is only one way to put this on the fast track: time & money.

My current workplace did not support this project. It costs my precious working time and does not earn money. In other words, it's not a profitable endeavour for the company. I can't blame them. The other reason is a bit more subtle. The top brass prefers to use "big brands" for authentication rather than some yet unknown project. This is another ice difficult to break through. But I'll talk to them again, to see if there is a way I could spend some time on this.

Alternatively, I also recently applied to "Prototype.Fund" which is some funding initiative for open source projects in Germany. While there is no guarantee to be selected, I do hope it goes through as it would be a silver-lining to get started. At least, I could develop freely without digging in my employer's pockets. My major project at work should also be settled by the time the funding start, so the timing is right. We'll see, let's cross the fingers.

I even considered pushing all my cards into it, resigning and working full time on it. However, this is too risky for me. I got family and need financial stability, it's too big of a gamble. Not to mention that earning a stable income with a free public service is challenging.