Okay, awesome. This makes me contemplate the following: physical identity links (such as yubikeys) are necessary in a real-world situation where credentials need to kept as securely. However, what about cases that do not need such levels of security? It may make sense to have two groups: simple "identity assertion" & secure individual link. Do you feel me? For many of my projects a compromised account would not be disastrous, or any more disastrous than a compromised HN account. It's simply a matter of ease-of-participation that one needs passwords in the first place for many of my applications.

Do you think a "drawable" password would be cool?