Ask HN: Why is it so hard to get rid of passwords? - econner
======
Eridrus
They're cheap, they can easily be changed, they're compatible with everything
and everyone (including developers) is already comfortable with them.

U2F/Fido will probably take over in corporate environments, aided by SSO, in
the next decade or so, and consumers may follow, but recovery is a huuuuuuge
problem for those who can't punt that problem over to email providers.

------
zeveb
What would you replace passwords with? A token which can be lost or suborned?
Biometrics which can be stolen or faked?

Passwords are terrible, but they work.

~~~
daliwali
Any sort of public/private key would be pretty secure but humans would not be
able to memorize them. And there's the usability problems for normal people,
i.e. not knowing when to disclose public vs private key, generating them,
keeping them secret, etc.

