Everyone knows usename and password is not enough. Stop blaming users for your flawed security implementations.

How about we stop reinventing the wheel and come up with a SAFE, SECURE, REUSABLE online identity. Something tied to more than just a password. Oh wait, it's already done: http://openid.net/. Seriously, I am tired of hearing about every site needing a unique 12+ character mixed case letters, numbers, symbols password, that's ridiculous and works against rational user friendliness and usability design constraints.