Since we must use password managers to cope with passwords, we might just as well replace the passwords with crypto keys anyway. Once we have crypto keys we can do anonymous credentials. There will be no leaked password databases as the server only stores public keys.
We need a lab that pushes the students beyond identity based authentication. What do they actually need to authenticate? Usually not the identity.
However, sometimes a password is the right thing, like protecting the password/key manager. (Sometimes a biometric can be used here, which is a password of sorts.)
Since we must use password managers to cope with passwords, we might just as well replace the passwords with crypto keys anyway. Once we have crypto keys we can do anonymous credentials. There will be no leaked password databases as the server only stores public keys.
We need a lab that pushes the students beyond identity based authentication. What do they actually need to authenticate? Usually not the identity.
However, sometimes a password is the right thing, like protecting the password/key manager. (Sometimes a biometric can be used here, which is a password of sorts.)