I have regular nerd-arguments about it:
“All they have to do is break two of your passwords, and they can reverse-engineer your passwords!” - Maybe, if they have a super-computer… “It’s so much work” - Once. It’s so much work once. Then, it’s much easier than loading software or digging out a dongle every time you log into anything up until you decide to change all your algorithms… “What happens if you forget?” - What happens if you forget?
Imagine how amazing the PR would have been if the title had been: “User gets spectator seating for a SpaceX launch in return for lost handle”