Passwords are lousy. Really lousy. As you point out the problem isn't with the security of them (when properly applied) but because it's all just so klunky and annoying and different websites have different implementations.
I know at least two websites that ask for a username, a password, and they also give a capcha. I have some websites that won't let Chrome save my password.
Really, I want a hardware thing with a long secure passphrase, that has all my other usernames and passwords (12 character alpha numeric with upper and lower case) in it, that confirms my identity to all these different websites. (Can I do this with Yubikey? or anything else?)
Yubikey works well but its only valuable when more number of websites support it.
Similar project without the hardware is mozilla's persona, which is an open standard
if im not wrong and it is better than signin using fb or gmail,
as it wont be sharing any user data with website.
I know at least two websites that ask for a username, a password, and they also give a capcha. I have some websites that won't let Chrome save my password.
Really, I want a hardware thing with a long secure passphrase, that has all my other usernames and passwords (12 character alpha numeric with upper and lower case) in it, that confirms my identity to all these different websites. (Can I do this with Yubikey? or anything else?)