For those wondering about still needing to sign in to the browser or cloud service, this is where something like a smartcard, keyfob, or other physical authentication device would come in handy. They are unappealing in today's world of separate accounts on every site, but under this scheme (when paired with a quality account recovery service) it makes a lot more sense. I'm curious about how we would prevent a malicious (or temporarily hacked) web site from showing a specially crafted sign-in page to the browser, and having the browser send along your private information to the wrong place without you every noticing. It seems... exploitable. Also: captchas are not appealing to me for this. But I reference my first point: combine it with a hardware security key, and maybe the hardware key allows you to bypass the captcha.