@switchingsocial@mastodon.at Dongles (hardware-based multi-factor authentication) are a great replacement for users and site owners. See https://www.dongleauth.info/dongles/ for a list. This also decentralizes "single" sign-on!

If hardware is not an option (yet), site owners should probably ask their framework-development community for a locally-hosted replacement such as https://django-simple-captcha.readthedocs.io/en/latest/ - any replacement that is not locally hosted is not really a solution.

Happy to discuss more by email.