Biometrics my ****
I think we all know the stunning fallability of biomteric technologies and their witless merchants - all now over funded to aid the war on terror, and all achieving fairly similar results.
So we're back to Single-sign-on. A nice idea, fundamentally flawed without tiered access and multi factor authentication. Agreed, multi-factor authentication is a pain and does somewhat fly in the face of conveniance, but that's life.
This is not a question of whether users can put up with multi-anything. It's whether the company requires this to be the case. I don't know about you but our company is not run as a social or charitable exercise. We hire people, we pay them and they do as they're told. Sure, we may all dress it up into nice touchy-feely work-balance discussions and give them free vending machines and stock options. But the hard and fast is - employess do what they're told, if they don't like it they don't work here.
I strongly believe this is the major problem with security of anything electronic. Organisatons work on the basis that the user is king, that productivity and conveniance must not suffer. It's crap - a painful hang-over from Project Management gurus (charlatans) making far too much money by Keynoting about user-centric projects and how they deliver the value. Rubbish. The user does as they're damned well told, they are a cog, nothing more and nothing less.
If you want to deliver a good secure environment - and run a project that delivers value - you start with what you want to achieve and work back. The user can be squeezed into any box you require, and the systems will run accordingly.