We really, really need to move away from passwords as the primary security mechanism. Let me count the ways:

(1) We cannot make people choose hard passwords. We just can't. As proven by recent leaks in which people still, after a million warnings, have the dumbest passwords.

But the problem is more serious: the goalposts keep moving. The current standard - something like 10 random characters - is nearly impossible for people to remember. I use longish passphrases anywhere this is allowed, but it's blocked in lots of places, because, well, we can't have the network overloaded with the extra 19 bytes of data.

(2) Shoulder-surfing and keyloggers are capable of permanently hijacking passwords.

(3) Password managers do not provide the improvement we need - we can discuss this separately.

Who is with me for making security tokens (http://en.wikipedia.org/wiki/Security_token) absolutely ubiquitous? One additional thing I would like, which I think is still not present in any of these devices, is the ability to compute challenge-response internally, without relying on a client program on the computer. Internal computation of challenge-response would make us safer at untrusted terminals.