> This is yet another alarming signal that the whole idea that your SSN/SIN or credit card number is somehow secret and can be used for authentication is flawed.

Secret information is required for practical authentication. Some examples:

Private keys (ssh, gpg, SSL/TLS certs, bitcoin wallets)
Passwords
Session IDs
API secrets
Auth tokens

I believe you don't often write down your private keys, passwords, api secrets or auth tokens on paper forms that you then submit to various institutions you have no control over, right?

As a comparison, your SSN is used all over the place, and you will need to disclose it regularly (if you rent an apartment, your landlord is likely to request a credit check, and you'll give him your SSN). A number of people and institutions will have access to it. It is not a secret. It should not be used for authentication, and no one should assume it is somehow secret, because it is not.