I started a thread a while ago talking about passwords and many of you suggested that there were other solutions such as smart cards, SecureID's and Biometrics. Now, the question is, which is better? We all have our own ideas so here is mine:
It Depends! Yeah, that was a cop out, but at the end of the day, many of the answers depend on your challenges, desired level of security and budget among other things. Over the years I have installed a number of systems for different purposes; Single instance password schemes & Secure password stores for application / network authentication, Secure-ID and smart-card solutions for Remote Access. Biometrics to replace password login on workstations. I do however think that the systems have often missed on big question; How many different passwords should we need? Is the solution a bringing together of the technologies to allow for things like Authentication Federation to allow you to securely sign on in one location and your credentials to be used to gain access to other systems. One such scheme was the Passport. Whatever you think of this, Passport didn't work... so onwards.