The weakness I see with your proposal is the need for some kind of cloud storage for usernames and passwords: the end user will have to sign in to their authentication provider anyways. I you have to do that, why not just use OAuth? Sure, your proposal also implies that the default authentication provider / password vault be automatically filled in the browser so that the user does not have to say whether it's Google, Facebook, etc., but couldn't this also be done when using OAuth? Or is your proposal mainly about shifting the complexity of integrating with a third-party authentification provider from the websites to the browser?