Passwords certainly should not be used for most security applications, except to decrypt user-keys.
The analogy is simple... when you go to work today, is someone standing at the door asking you to "say the magic word?" No. You swipe your badge,
which was issued to you and only
to you, and which you cannot replace if you lose it at the local bar. (If you do
lose it, the security department immediately invalidates it, so that the other
drunken fool can't get in.)
Meanwhile, no one else is inconvenienced. (They're just as hung-over as you are, but they didn't lose their badges.)
The key is encrypted so that no one else can "trivially" use it after stealing your laptop at the airport coffee-shop (because you were too hung-over to lock it to the table). But the key is unique,
and it is unforgeable. That's where the security comes from. If your employer fires your besotted
, say for public drunkenness, no one else is inconvenienced.