Passwords suck. Even with SSO, even with a password manager, even with salting and hashing, passwords suck, and will always suck.
You need an authentication token. *One* authentication token. Microsoft can do it, Google can do it, Facebook can do it (but of course they are not compatible).
Millions of little websites still use passwords.