http://newsarse.com/2010/08/13/if-you-can-remember-your-password-then-its-h…
Passwords suck, and people are a problem. Now, if we could distribute
RSA fobs to every editor ...
We could do a less secure, but more-secure-than-passwords alternative,
which is to use email or SMS as a one time password device. SMS is
obviously more secure than email, but would require us to ask people
for their phone numbers. We could also make a PKI infrastructure, and
allow certificate login, which is obviously safer than passwords.
The real problem with any system stronger than passwords, is that it
requires a level of complexity that would be difficult for us, and
either annoying or very confusing for users.
Respectfully,
Ryan Lane