A convenient option has been gaining ground: Internet-wide single sign-on services run by the big OTTs. There is such a need for a simple solution that almost all websites quickly started to let you “login with Google” or “login with Facebook”. Or with Twitter. Or with all of them: just pick one of a list of ten providers and use their credentials.
This is a step forward, since you only need to remember the passwords to your social network accounts, and use them everywhere else. However, it poses a huge risk to your privacy: do you really want an monopolistic conglomerate whose business is based on monetising user information to know all the places where you log into, track you as you move among these services, and exchange information on you with them?