What is security's silver bullet?

How many different user IDs and passwords do you have to remember in order to access the applications and services that you use regularly? I did a quick count of my own pool of alphanumeric lines that are swimming in my memory bank... There's one for each of my four Web e-mail accounts, two to access my company's e-mail and content management systems, one each for the two IM accounts I have, at least five others for the various member accounts I maintain at sites like Amazon.com, PayPal, The Sims 2.com and LinkedIn...I stopped counting after 10. The number got so voluminous that, I confess, I resorted to storing some of them--specifically those I seldom use and have a higher tendency to forget--in my Palm. It's bad security practice, I know, but at least I didn't jot it down on a PostIT note and try to conceal it under my keyboard. Human error is often cited as the biggest loophole in a company's security strategy, so it comes as hardly a surprise that another security expert this week pointed to computer users as the "least educated" when it comes to adopting proper security practices. He also highlighted fixed passwords as generally a "dangerous" tool because, unlike one-time or token-based passwords, they remain unchanged until users are prompted to renew their password, usually after a 60- or 90-day cycle. But, as ZDNet Asia reader Wendy Goucher points out, businesses need to do more than simply dismissing the role that employees play in helping to preserve a healthy level of security for their company. I'm unsure though if it'll take tools like token-based key generators or the complete abolishment of passwords to put an end to a company's security woes.

RFID chip implant in a hand source: blogger Amal Graafstra

Over the past years, devices and technologies like smart cards, Java-based cards, USB-enabled security tokens and biometrics, have been touted as the answer. Years later, most PCs today still don't come equipped with a card reader, biometric technology hasn't been perfected, and those handy security tokens can be easily misplaced--just as passwords can be easily forgotten. Suffice to say that the problem with security isn't a simple one to solve and the silver bullet is unlikely to come any time soon. Perhaps it'll take a human chip implant to eradicate security threats, but until that day comes, the best defense will require a combination of user vigilance, regular administrative checks and further technology advancements.