The point is that there are no alternatives. This isn't a design problem that as programmers we can fix. There are plenty of existing security systems that fit the bill. It's a human problem.
For example, one technical fix is a widely deployed public key authentication system. It would take a company as large as Google to force people to adopt it, however. Plus operating systems would have to start shipping the software to make the average user understand it. Private key creation would need to be integrated into the create user process of Windows and Mac OS X. That's not realistic because there is little profit for the companies involved.
How many non-technical people are actually using OpenID? (For that matter, how many _technical_ people are using it?) Actually using it, not having some OpenID thing that they don't know about...
For example, one technical fix is a widely deployed public key authentication system. It would take a company as large as Google to force people to adopt it, however. Plus operating systems would have to start shipping the software to make the average user understand it. Private key creation would need to be integrated into the create user process of Windows and Mac OS X. That's not realistic because there is little profit for the companies involved.