This is just an idea I had recently; maybe there is already a system that implements it. Anyway, here it is.
Public keys are used in cryptocurrencies to validate that a message was sent by the owner of the corresponding private key. Using the same method we could log in to a system without needing to store a password at all.
Currently many systems implement multi-factor authentication, for example using Google Authenticator to validate a user's identity.
The problem is that they still rely on a secret key that both the server and the client know.
Using this method we could log in with a key that only the client knows.
The public key can be stored on the server without risk, since it is meant to be public. The server associates this public key with a single user; when that user wants to log in they simply input their username or public key address, and the server answers with a random number.
This random number must be signed with the private key, which only the user knows. This produces a signature that the server can validate using the stored public key.
This random number could be a one-time password, so it is only valid for a short amount of time.
The signature proves that the user owns the private key associated with the public key. So if the signature verifies against the random number that was issued and the public key on file, the server considers the login successful.
The server then returns a JWT token that authorizes requests to secured endpoints in the API or secured areas of the app.
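The login flow described above, as an added example that is not part of the original post: the server stores only public keys, issues a short-lived random challenge per user, and verifies the client's signature over it. Ed25519 from Go's standard library stands in for the wallet's signature scheme, and the `Server`, `Challenge` and `Login` names, the 32-byte nonce and the session-token string are all assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"time"
)
// challenge is the one-time random number handed to the client, with a short lifetime.
type challenge struct {
	nonce   []byte
	expires time.Time
}
// Server stores only public keys and outstanding challenges: there is no shared secret.
type Server struct {
	users   map[string]ed25519.PublicKey // username -> registered public key
	pending map[string]challenge         // username -> unused challenge
	ttl     time.Duration                // how long a challenge stays valid
}

func NewServer(ttl time.Duration) *Server {
	return &Server{users: map[string]ed25519.PublicKey{}, pending: map[string]challenge{}, ttl: ttl}
}
// Register associates a username with its public key; the private key never leaves the client.
func (s *Server) Register(user string, pub ed25519.PublicKey) { s.users[user] = pub }

// Challenge issues a fresh 32-byte random number for the user, replacing any earlier one.
func (s *Server) Challenge(user string, now time.Time) ([]byte, error) {
	if _, ok := s.users[user]; !ok {
		return nil, errors.New("unknown user")
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[user] = challenge{nonce: nonce, expires: now.Add(s.ttl)}
	return nonce, nil
}
// Login verifies the signature over the outstanding challenge; the challenge is consumed on every attempt, so a captured signature cannot be replayed.
func (s *Server) Login(user string, sig []byte, now time.Time) (string, error) {
	c, ok := s.pending[user]
	delete(s.pending, user)
	if !ok || now.After(c.expires) {
		return "", errors.New("no valid challenge outstanding")
	}
	if !ed25519.Verify(s.users[user], c.nonce, sig) {
		return "", errors.New("signature does not match registered public key")
	}
	return "session-token-for:" + user, nil // stand-in for the JWT the post describes
}
```

The client side is just `ed25519.Sign(priv, nonce)` on the number it received; because each challenge is deleted when used and expires after `ttl`, neither a replayed signature nor a stale one is accepted.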
You can generate the key pair with any public/private key generator, for example your favourite cryptocurrency wallet for Chaucha, Bitcoin, Ethereum or any other crypto.
An app could be built to make it easier to sign messages and send them to the corresponding endpoint, but the manual process is not too hard to do either.