[shameless plug, but apropos] - my company's Kaje Picture Passwords for the Web would have prevented these attacks almost completely. (I say "almost" because, well, "never say never".) We published a press release about this two weeks ago: Bright Plaza offers “Kaje” Website Security Solution to Russian Hacker Password Breach. Using Kaje, the password is no longer stored on the website so these breaches could not have exposed the passwords. Kaje never knows anything about the user other than the anonymous ID sent by the website.
Had all those websites been using Kaje, these breaches would not have resulted in the huge potential liability and recovery costs that so many businesses will be facing. From Sony a few years ago to Target and eBay recently, and now this Russian thing, password breaches are causing billions of dollars in damages, often borne by website owners - in some cases thousands of dollars per user. Health care and financial services websites are particularly subject to financial penalties from regulatory bodies as well as civil litigation. In comparison, the Kaje service costs fractions of a cent per use for large users.
A Picture Password, which was demonstrated to be easier to use and more secure than text passwords by NIST as early as 2003 (using an earlier, less secure methodology), is more difficult to crack as well as resistant to man-in-the-middle attacks. The Kaje service has an HTTPS RESTful API, is compatible with OpenID, SAML, and other SSO systems, and plugins are available for Drupal and WordPress with others coming soon. Using Kaje basically requires SSL, one or two additional columns for the anonymous ID sent to Kaje by the website. The first 10,000 uses are free, so smaller websites can use it for years without paying anything, while larger ones can try it out, do testing and prototyping with no cost or obligation.
If anyone is interested, check out Kaje or contact me through the website. We're looking for both websites (customers) and web services (hosting, CMS vendors, developers), who can apply to be Kaje Affiliates and receive a commission from us by offering discounts to their customers.