I'm not really knowledgeable enough to rate different solutions, which is why I resorted to ranting rather than articulating a good alternative or working on one myself. Security is something that I have to do rather than something I am personally excited by, and I don't actually want to be encrypting everything for the same reason that I don't want to live in a bank vault or build a ten foot wall around my property.

I guess what I'm saying is that I will pay for a frictionless system whose operator is prepared to place a cost on failure, same way that I am willing to pay for a decent padlock or mortise lock for my physical property. It doesn't have to utterly impenetrable, but I would like the security provider to have skin in the game.

I thought openID was an excellent idea; I'm not sure why it didn't take off, maybe Google took too much of a monopolistic approach or something.