At no time in human history have so many people used so many "secret passwords" in order to go about their normal business. Password overload is common, and what a lot of people do is just give up, and start using the same password everywhere. Something that needs more security now has less.
On the personal level, there are ways to come up with a few ID/Password combinations that you can use to access low priority sites where security and privacy are not big issues. I can appreciate the advantage of customizing a website based on the needs of the user, so the idea of authenticating a user makes sense. The need for a good ID/Password system becomes critical for financial accounts and business transactions.
At the lowest level of security, you can come up with a simple system for many sites that use a combination of alphanumeric characters and symbols. It’s better than using names or dates and gives you some peace of mind. When security and privacy are important, one would think that a strong password can be used for all your accounts. That’s not always possible because of requirements of the system. Length is the least of the challenges as upper/lower case, symbols and expiration dates will vary across sites.
The problem is compounded dramatically in the corporate world. Brokers representing many insurers need to manage staff passwords for internal systems and all the ID/Password combinations required by their trading partners. Will there be a better way to deal with all of this craziness? Will there be a biotech, DNA, 99.9% foolproof solution? Perhaps, but it makes no sense to do nothing.
I am pleased to introduce you to the ID Federation. Their mission is to provide our industry with common legal and technical standards to remove the need for multiple passwords while increasing security and the ease of doing business with one another. Below is a link to their website and the first issue of the newsletter. Cal Durland (ACORD) attended the meeting this week in Boston. Go to the website, register and get involved
Trust Framework
Download Trust Framework Newsletter Issue 1