[dredmorbius]

PKI and physical tokens, preferably not involving plugging into any ports (NFC devices) have been my suggestion for most of a decade now.

Passwords were adopted when comuting was something that occurred at a specific facility and the goal was to keep the people, largely the users one already knew of, out of one-another's accounts and data.

The persistence of passwords in a world of global access and billions of devices is ... ludicrous.

And the failure of both enterprises and governments to identify better standards and practices is criminal.