Instead of remembering an infinite number of passwords, the following paper describes a method of using PGP as an authentication form to both verify the client and the server.
A reference implementation will be published once done. If anyone has tried this, please let me know of your results.
Download PDF