There are plenty of better ways already. A simple public/private keypair would go a long way towards this goal.
The problem is that everyone working on crypto products focuses on just developing technology, often attempting to make existing crypto systems easier to use for ordinary people. This is fine, but it's only a partial solution. We need to educate people who don't know and don't care about proper security. Nobody is going to use the most secure and easy to use crypto system if they don't see the benefit and think that a SSN or a driver's license is a good way to show their identity.
There is a lot of hand wringing about how hard it is to get ordinary people to take security seriously, but honestly this is a problem that will solve itself given enough time and enough breaches such as this. Until people understand that only secret information--which they and only they know--can be used to authenticate them and protect their information, this will just keep happening.
The problem is that everyone working on crypto products focuses on just developing technology, often attempting to make existing crypto systems easier to use for ordinary people. This is fine, but it's only a partial solution. We need to educate people who don't know and don't care about proper security. Nobody is going to use the most secure and easy to use crypto system if they don't see the benefit and think that a SSN or a driver's license is a good way to show their identity.
There is a lot of hand wringing about how hard it is to get ordinary people to take security seriously, but honestly this is a problem that will solve itself given enough time and enough breaches such as this. Until people understand that only secret information--which they and only they know--can be used to authenticate them and protect their information, this will just keep happening.