Found an article on CNET News which details a survey done in Britain. It showed that there is a directly proportional relationship between the number of passwords one has to remember for work, and the number of unauthorized accesses on the company’s networks. Here’s the link to the CNET article.

Having been a director of IT twice in my career, this is a no-brainer to me. And here’s another thing I’ve found: the more inane the password rules are, the easier you’ll make it for your users to write their passwords down on a sticky note, which they’ll store either right on the screen, under their keyboard, or in the top desk drawer. If you’re going to use passwords, you need to strike the RIGHT balance between password security and real-world usability. Sadly, many companies fail in this area.

Seems the way to go is single sign-on, with added proximity devices if needed.