• Jim P. - I also thought that more secure meant less usable, until I realised that we are looking at securing the wrong way. Instead of the Accept\Reject model (i.e. user name\password: great for a computer to break, bad for a human to remember), why not be more human-like and do security via reference and familiarity? You do totally lose privacy and the system "knows" you, but you do get a much more secure and usable environment.

    Reference and familiarity = resource sensitivity dependency on required user access or Authent-a-Key as I like to call it.

    e.g. How about having low-security, read-only activities like running a report only require a user name, but it's how you enter the user name that lets the system decide whether you are you or not. It's the speed of each letter press, the gap between letters, and the prior stats that determine it, and if the system can't know for sure, it fails over to getting another human to vouch for you.

    What about other access methods that cannot be forged? Like pass-sound, pass-click, pass-highlight, pass-drag, etc.

    They all promote a model where an intruder can only get so far unless they actually are you.

    The bottom line is to only require enough security for the sensitivity of the task, instead of all or nothing.
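As an added example (not part of Jim P.'s comment), the sketch below implements the three ideas in the comment in one place: a keystroke-timing profile built from prior typing sessions, a three-way decision (accept, reject, or fall over to a human vouch), and per-task thresholds so a low-sensitivity task such as reading a report tolerates more timing drift than a high-sensitivity one. All enrolment timings, login attempts, task names and thresholds are constructed for illustration; the z-score distance is a simple stand-in for whatever real keystroke-dynamics scoring a deployment would use.

```python
"""Keystroke-timing check with a task-sensitivity policy (added illustration).

Enrolment data, attempts, tier names and thresholds are constructed, not measured.
"""
from statistics import mean, pstdev

# Constructed enrolment data: four prior sessions typing a 4-letter user name.
# "dwell" = how long each key was held (ms); "flight" = gap between keys (ms).
ENROLLED = {
    "dwell":  [[92, 88, 101, 95], [90, 85, 98, 93], [94, 90, 103, 97], [89, 86, 99, 94]],
    "flight": [[140, 210, 175], [135, 205, 170], [145, 215, 180], [138, 208, 172]],
}

# Task sensitivity tiers (constructed): (accept_at_or_below, reject_above).
# A distance between the two values is "not sure", so a human must vouch.
TIERS = {
    "report_read":   (2.0, 4.0),   # low sensitivity: tolerate more drift
    "record_edit":   (1.5, 3.0),
    "fund_transfer": (1.0, 2.0),   # high sensitivity: very little drift allowed
}


def build_profile(sessions):
    """Per-position (mean, std-dev) over the enrolment sessions."""
    positions = len(sessions[0])
    columns = [[s[i] for s in sessions] for i in range(positions)]
    # Floor the std-dev at 1 ms so a perfectly regular column can't divide by zero.
    return [(mean(c), max(pstdev(c), 1.0)) for c in columns]


def timing_distance(profile, sample):
    """Mean absolute z-score of one login sample against a profile."""
    if len(sample) != len(profile):
        raise ValueError("sample length does not match profile")
    return mean(abs(x - m) / sd for x, (m, sd) in zip(sample, profile))


def score_attempt(enrolled, attempt):
    """Combine dwell and flight distances into one number (0 = identical)."""
    dwell_d = timing_distance(build_profile(enrolled["dwell"]), attempt["dwell"])
    flight_d = timing_distance(build_profile(enrolled["flight"]), attempt["flight"])
    return (dwell_d + flight_d) / 2


def decide(task, enrolled, attempt):
    """Return ('accept' | 'vouch' | 'reject', distance) for the requested task."""
    accept_at, reject_above = TIERS[task]
    d = score_attempt(enrolled, attempt)
    if d <= accept_at:
        return "accept", d
    if d > reject_above:
        return "reject", d
    return "vouch", d          # uncertain: fail over to another human vouching


# Constructed login attempts.
GENUINE    = {"dwell": [91, 87, 100, 95], "flight": [139, 209, 174]}   # close to profile
BORDERLINE = {"dwell": [94, 90, 103, 97], "flight": [144, 214, 179]}   # ~1.3 std-devs off
IMPOSTOR   = {"dwell": [60, 65, 70, 62],  "flight": [300, 320, 310]}   # far from profile

if __name__ == "__main__":
    for name, attempt in [("genuine", GENUINE), ("borderline", BORDERLINE), ("impostor", IMPOSTOR)]:
        for task in TIERS:
            verdict, d = decide(task, ENROLLED, attempt)
            print(f"{name:10s} {task:14s} distance={d:5.2f} -> {verdict}")
```

The point of the tier table is the comment's last line: the same typing sample can be accepted for a report read, accepted for a record edit, and sent to a human vouch for a funds transfer, without anyone being asked for a second password. In a real system the profile would be updated from accepted sessions and the thresholds tuned against measured false-accept and false-reject rates.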