To Jonathan LeBlanc, global head of developer advocacy at PayPal, the problem is simple: "Passwords are not secure, they need to be replaced."
That's the basic premise of a presentation he's giving at tech gatherings around the world called "Kill All Passwords."
"Passwords are so complex it's just a system that doesn't work anymore," said CNET editor Dan Ackerman.
When you have too many sites asking for too many passwords with varying requirements -- must be at least eight characters and have uppercase and lowercase letters, a number and a symbol -- and more usernames than you can recall, you end up simplifying your way out of security. Consider that the most popular passwords of 2014 were "123456" and "password."
The solution? According to LeBlanc, it's time to start seriously considering a selection of audacious alternatives. Some startups are developing tools to recognize your eyes or face as your login credentials, and Google has started toying with a smart contact lens that measures tear glucose. In his presentation, LeBlanc pushes it even further, to ideas such as wearable circuit board tattoos, brain chip implants and password pills that effectively unlock your devices from inside you.
The medical industry has already developed ingestible devices that can be used to photograph the inside of the digestive tract, and swallowable sensors that can be powered by stomach acid. LeBlanc suggests that this kind of technology could be leveraged to use "your body as the ID" that gives you access to your secure accounts online.
And forget fingerprints; there are better biometrics to be had. LeBlanc told the Wall Street Journal PayPal is working with companies creating scans of the veins in your hands and arms, or bands that measure and recognize your unique heartbeat.
If it all sounds a little sci-fi, that's because, LeBlanc admits, some of it is. "I ground a lot of my talks in reality," he told the Journal, "but toward the end of the presentation things get a little strange."
In a statement to CBS News, PayPal said, "We have no plans to develop injectable or edible verification systems. It's clear that passwords as we know them will evolve and we aim to be at the forefront of those developments."