Doc Searls summarised our current security situation so succinctly last Wednesday, this introduction is longer than the quote itself:
The best we can do with passwords is the best that password managers can do.
I’ve written before that even getting password managers widely adopted is an uphill battle, let alone the fact they don’t solve the root problem either. Ultimately we’re still anchoring our trust with a word or phrase (we hope) that only we know.
There are compelling alternative auth systems today, but we’re stuck in a chicken and egg scenario where widespread adoption is hampered by a lack of understanding, which exists because there’s no widespread adoption. But I feel like something has to give soon.