The most irratating about on line secuirty, or security in general is the difference in passwords, some are alphanumeric, some 4 digits, others 6 etc. Trying to remember which password for which agency is painful, especially if only use the system once a year or so. I also have to have passwords for work for computer access, which is more passwords. Work I have written down as they change but others I try to keep different, so if obtained, any person can only access the one site or agency.
On the other hand today I had to call a phone retailer for only second time since first call to join approx 12 months ago. They asked for password, which I knew/guessed half, they then asked other questons to verify my id, but the questions in hindsight were pretty straight forward. I didn't neeed to change any critical information, but all went smoothly, but it would have been a problem if they insisted i know the entire password correctly, but worrying that with basic informaton known, accounts could be accessed.
Having passwords remembered in a computer is problematic, same as recorded in mobile phone, or even written down, some criminals are not stupid.
On a side note, the new paypass on mastercard is prime example, no pin or anything, the criminals will quickly know the limits each retailer has before pins required and as soon as wallet stolen, they will shop til card stopped. Where a baseball cap etc, very difficult to id from cctv, which is always high up in stores.
)
