Ok, I scanned the comments and didn't see any postings of my main beef with passwords. EVERY BLOODY SITE think it's vital you have one for their site. Really. I don't care if someone accesses my grocery store's site and steals my shopping list or digital coupons. My world would not end if someone posted under my name on a news site (who would? I am a non-controversial old guy and nothing posted online intimidates me). If someone is so hungary they want to steal my loyalty tokens for a free sandwich at a local Subway, God bless them and go in peace.
Even shopping sites. No one is interested in items I've put in my wish list. The ONLY time security is important is on the payment/shipping page. But my credit card comes with sufficient security features provided the shopping site does NOT store that information and make it available without re-entering. Yeah, it makes check-out faster if I don't have to enter the info each time, but then I would have to maintain a password for the site. Not much difference.
How about this: sites give us the option to have a password, and we assume responsibility if we opt out. If we opt out, no personal information will be available on-line. If you want access to that area, THEN you go through a verification process.
My password strength on my financial accounts would be very strong (my brokerage account password is fourteen alpha-numeric characters long, with no sequential group forming a word.). Given the option, I would likely have nominal passwords, like 'me', just to keep out strays, on inconsequential sites, and it would be the same password on many sites.