And those experts have designed something entirely inappropriate for non-corporate users (who can't just have IT reset their credentials) largely solving problems no one has while introducing real problems (e.g. accidental self-DOS and backdooring device attestation into the web again).
Browser generated strong passwords with auto fill exists today, pretty much solves all security concerns, and doesn't have the same pitfalls.
>From the perspective of the security experts who designed the system, it's a feature and a requirement.
Great, all day I dream of making someone else's job easier by adding hassles to my life.
What's next from the "security experts", booby-trapping front door entrances to deter thieves?
Oh, I have another idea. Let's restrict the number of accounts people can have to, like, two, so that they don't have to struggle with remembering passwords! From the perspective of IT helpdesk, it's a feature and a requirement.