Originally Posted by
peachfront
Nobody over the age of 23 or so can remember multiple passwords. Having a different password for every account is guaranteed hours lost out of your week every month -- if not every week.
No one can remember over some number of passwords, which is why there are programs like 1password (mentioned up thread) and splash id. There are other ways to do it. I easily have over 100 pairs of credentials I need to deal with, and that's just for personal stuff. Work is another set at least that many. Fortunately, it's only about dozen on a regular basis between the two.
Making the internet, online payment systems, banking, loyalty programs, etc more and more difficult for busy and older people to use DOESN'T work.
FIA (BoA)
does have a rather convoluted system in the name of security.
Not to single out anyone's suggestion, but the idea of having 3 passwords to log into an airline loyalty program is just...ridiculous.
It was not 3 passwords to log in. It was multiple access levels with a different password for more "privileged", less frequent tasks.
To avoid your concerns about it being too complex for you, it could always be opt-in or user set. You can set your first level to be 'all-access' and never use the additional security. Someone else can set their first level to read-only and their second to all-access.
American Express has optional fraud alert levels. Set it to alert you at $50 or $5000 depending on what you think a large transaction is, or turn it off and don't use it. Other security can be optional in the same way.
Multi-level access is already implemented in existing systems. Think of a retail outlet where the clerk needs to get a "Manager Override" to do something non-routine. Most of their transactions don't require this, and yes, the last words we want to hear are "I need to call a manager" but it also stops the clerk from 'refunding' their pal the entire contents of the cash drawer.
Point is, there are better ways we could be doing things with regard to all online systems.