[ectospheno]

The issue with one time pads isn't their security. That's fine.

The issue is key management. Both parties need the same key and it has to be at least as large as the data you want to send. Each set of parties needs a different key.

If you had a method to securely transmit such keys then you could just transmit your data over it instead.

This is why one time pads are only used by countries to communicate with staff overseas. You can send the pads by diplomatic courier for use in communication later. There is no equivalent mechanism for your web activity and every site on earth.

[mabynogy]

Yes there are. The two parties need to agree on a common source. It can be a file somewhere on the web (an image) or a something that doesn't exist yet.

That's what happens with passwords.

[Sohcahtoa82]

How are the two parties supposed to agree when they've never talked to each other before?

If I connect to https://www.SomeWebsiteIveNeverVisited.com/, how is the web server supposed to tell me where to get the key? Or if I, the client, am choosing where to get the key, how do I securely tell the server where to get it?

Passwords work because they're being sent over TLS which we've decided is "good enough".

[mabynogy]

Those problems exist with current systems. There is a phase where the two parties must recognize themselves and agree they are legit.