November 04, 2010, 12:07 PM — Here's a great idea: Every IT staff complains about how much time it takes to fix users who have lost, forgotten, or neglected to refresh time-limited passwords.
In a perfect world it would be completely extraneous. Unfortunately humans are involved in the security process, so there will always be calls from people who lost the post-it note they had taped to the monitor and can't get into all the financial and procurement databases (the kind of call that warms a CISO's heart).
How about using Facebook instead? The privacy-challenged social network of choice for U.S. business users extended Facebook Connect to let smartphone users sign on to multiple Web sites after signing on to Facebook, using the same APIs and tools the service has used since it debuted in 2009.
Every company needs better password management to make things more convenient and secure. Facebook Connect is a move in the opposite direction.