For those interested in continuing the investigation, we recommend:
: Passwords are archaic. Even with 2FA, phishing remains rampant. id.xap.rocks mandates hardware-backed keys or passkeys tied to biometrics. Your private identity key never leaves your device; the .rocks server only holds a public verifiable commitment.