You don't have to identify yourself with a "random Joe's website". You can read the comments here without identification, you can seach for flights without identifying yourself, you can search for hotels without giving away who you are, you can read the news, watch YouTube, etc.

But when you want to access something that should only belong to you, e.g. your bank account, your Google Drive files, your private emails, etc. then you must find a way of identifying yourself with given website. Username/password is one way, biometrics is another way.

Only my family has permission to enter my house. When someone enters my house who doesn't look like my family, then they can throw around all secrets, passwords and usernames they want, I'll kick them out, because in my eyes they don't pass the ultimate test of verification, namely biometrics.

So far we were unable to provide the same level of identificaiton via the web, but technology is changing rapidly, so I don't see why username/password are always going to be more secure. On a theoretical basis it doesn't make sense. Because inforation can be easily shared, spread and copied. My physical composition not.