Biometrics is a horrible security idea. It fails half of the critical requirements a security method needs. If it's compromised (and the number of breeches per year says it WILL be--quickly) you can't change it. Easy to change a password, not so easy to change your fingerprints or retinal patterns. At best it's only good for local authentication, and even then it shouldn't be trusted. (Look at the court rulings that say you can be forced to unlock a fingerprint device but you don't have to give up a password).

Password managers are another bad idea. Yes, you can use a randomly generated password for each site but A) what happens when your password manager is compromised (already happened once that I know of) or what happens when the password manager's data is lost in a hard drive crash and there's no backup.

And don't say "cloud backup", that just makes it easier to have all your passwords stolen in one go.

As bad as they are, passwords are the best solution we've ever managed to come up with that meet all the needs of authentication. They aren't perfect, but better than anything else we've tried.