Certificates are a form of password and I don't think they will go away, ever. And before you can get yourself a certificate to some server, you will first have to enter some credentials. So there's a server farm with 500 servers and you need to connect to server 237. How else are you going to do this if not by entering a password and then getting yourself a certificate?
And normal websites don't even make use of the awesomeness that are certificates, because that's a lot of extra effort on the side of the webmaster.
[–] sohelpmehannah 0 points 1 point 1 point (+1|-0) ago
The mind is the only thing that can't be duplicated (for now). Any other system, be it biometric, physical token, or other, can be eventually duplicated.
[–] El_Syd ago
The trick is to make it complex enough to take a long time to circumvent and change it before that time.
[–] sohelpmehannah ago
I'm not sure sure if you are talking passwords or biometrics, etc.
For passwordless options, duplication is only one problem. Once a biometric, for example, is duplicated, then it compromised and can't ever be secure again. It will be insecure whether either physically compromised or numerically compromised.
There are only a limited number of biometric options.