To my mind passwords are horribly broken and not fit for purpose anymore.
Nearly every website you register for requires a password, for most users this is going to be tens or hundreds of sites. Most of those sites are probably going to be hacked - and a lot will be hacked this year - so you can't use the same password, as it'll soon be out in the public domain compromising all of your other accounts.
Add to that the fact that many websites implement passwords poorly, or in a down right dangerous manner, with random restrictions on password length or content. The link below leads through to a great blog from Troy Hunt cataloging some of the worse offenders, and they're pretty scary.
I think it's time for the password to be consigned to the scrap heap of history, and new authentication technology to become the norm. Let's stop trusting all these random eCommerce websites and forums to determine if we are who we say we are, and adopt a more robust solution.
Please be advised that in surveys we have completed, a huge majority of customers like our system with no password. Using your e-mail address as your password is sufficient security.