To paraphrase Blackadder
"there are two tiny problems with that theory..."
The two major misconceptions here are:
[1] that the problem is primarily "weak passwords". Yes, the passwords exposed by major offline cracking attacks are generally weak, but before offline cracking can be carried out the authentication server has to be breached so the password database can be stolen. That is the real root problem we have to solve, and it remains regardless of the authentication mechanism in use. There must always be, somewhere, a record of legitimate credentials in some form or other to compare authentication attempts with. It may be made more difficult to abuse it, but the threat cannot be eliminated.
[2] that biometrics should be used for authentication. Biometrics are validly used for identification, as the identity of a supplicant is not expected to change. But using a biometric for authentication (i.e. validating that the supplicant has presented their legitimate identity) is fundamentally flawed. The reason is simple - how do you change the credential when it gets compromised? Eye and fingerprint replacements are still the stuff of Hollywood, and will remain so.