I was thinking the other day about the insane number of usernames/passwords that users are expected to remember nowadays. You have to login for so many online services, things are just getting out of hand. Strictly speaking, you should use a unique password for each account. And you should be changing passwords about once a month to be on the safe side. But is this feasable?

People have to remember so many passwords that they often just use the same one for every account which is not a good idea. But it beats forgetting you password some people would argue.

It would be interesting to hear what people think about this and get ideas for a better way to manage this problem. For example, could there be some sort of central authentication process that can be used to provide access to multiple sites/accounts and what would be the security implications of this?