No more passwords

Reflecting the exaggerated claim syndrome I mentioned a few days ago, New Scientist recently carried a quote on quantum key distribution (QKD*), where an encryption key is randomly generated when needed from a quantum source. Apparently John Rarity of the University of Bristol told the magazine that you will soon be able to pick up a batch of keys on a credit card sized device, perhaps from an ATM, and use them to login to an account, such as your bank.

'You would never need to remember a password or pin again, QKD does all the work for you.' Was the dramatic pull quote.

Leaving aside the fact that most of us are less likely to use ATMs these days than we once did, what isn't all that obvious is why this is any better than, say, storing a very strong password on your phone. In either case all someone needs do is steal the device and they're in. Which means the the device needs to be protected by either biometrics or, duh, a password or PIN. So how does this improve security?

I've contacted Dr Rarity asking if he could explain, but as yet have not had a reply.

* Not to be confused with WKD, which I believe is an alcoholic drink.