How many different user IDs and passwords do you have to remember in order to access the applications and services that you use regularly? I did a quick count of my own pool of alphanumeric lines that are swimming in my memory bank... There's one for each of my four Web e-mail accounts, two to access my company's e-mail and content management systems, one each for the two IM accounts I have, at least five others for the various member accounts I maintain at sites like Amazon.com, PayPal, The Sims 2.com and LinkedIn... I stopped counting after 10.

The number got so voluminous that, I confess, I resorted to storing some of them--specifically those I seldom use and have a higher tendency to forget--in my Palm. It's bad security practice, I know, but at least I didn't jot them down on a Post-it note and try to conceal it under my keyboard.

Human error is often cited as the biggest loophole in a company's security strategy, so it hardly comes as a surprise that another security expert this week pointed to computer users as the "least educated" when it comes to adopting proper security practices. He also highlighted fixed passwords as generally a "dangerous" tool because, unlike one-time or token-based passwords, they remain unchanged until users are prompted to renew their password, usually after a 60- or 90-day cycle.

But, as ZDNet Asia reader Wendy Goucher points out, businesses need to do more than simply dismiss the role that employees play in helping to preserve a healthy level of security for their company. I'm unsure, though, if it'll take tools like token-based key generators or the complete abolishment of passwords to put an end to a company's security woes.
RFID chip implant in a hand
source: blogger Amal Graafstra