Hacker News
by DanBC 4444 days ago
Dropping passwords because of heartbleed is an overreaction. But passwords are hopelessly outdated.

People need secure cryptographic hardware tokens (something they have) with a passphrase (something they know).

1 comments

You're underestimating the work that's been done in secure password managers in the last few years.

Check the whitepaper Apple published regarding their iCloud Keychain mechanism.

It generates secure passwords, locks them with a passphrase, but also makes them available on all your devices, not just one (which, if it breaks, you're locked out of all your services).

Using hardware for tokens is secure and simple, but it shows a severe lack of imagination. I only see hardware tokens as useful for very high security logins, like bank accounts, where the apparent inconvenience is at least justified.