I definitely like your point of view. I wish I could trust my users, say, with a pair of keys and a non recover account.

I guess password managers and pseudo-mail accounts (“hide-my-mail kind of”) are still in the game. Though the password manager would help with the pair of keys too