The solution is not to get rid of passwords. It is for people who run websites to pay attention to security. For example, I run a small social media site. On my site, users' passwords are stored 256-bit encrypted with a long salt. So, even I can't decrypt them. If they are stolen, it isn't really a big deal, because all the thief has is gibberish. I also do not ask users for ANY private information, so there is nothing else on my server that a thief might want. Josh Moon seems to me to be too smart to store passwords unencrypted on his site, so I hope you just misinterpreted what he was saying.

By the way, I have been following the drama surrounding Kiwi Farms, and it is a fascinating illustration of the current state of free speech on the Internet.