by jimis 1996 days ago
Thanks for the link to OPAQUE. It does indeed look much better than SCRAM-SHA; I like how the draft underlines that "clients never disclose their password to the server, even during registration."

Do you know if/when it is being considered for implementation in the major browsers? Given that even a SHA256 digest implementation is missing, and that OPAQUE seems much harder to implement, I wouldn't be surprised if it takes another decade.

Regarding not using passwords at all, unfortunately this is not something I can use as a web user with 100s of logins.

1 comment

No, I doubt it would be considered for browsers in the immediate future. OPAQUE was chosen by CFRG as the asymmetric PAKE that IETF protocols should choose by default in future. If you're designing a new protocol and it needs (or should usefully have) an asymmetric PAKE, then the IETF would prefer OPAQUE.

For a web browser, as I wrote, the correct thing is to push hard for WebAuthn.

You are correct that as a user, today, you are obliged to have some sort of password store if you want reasonable security, but that's a constraint imposed by the past, rather than a way forward.