Fixed passwords?
A chain is only as strong as its weakest link, and this often proves true in access control, especially when fixed passwords are used.
These fixed passwords are considered a major security risk: they are likely to be written down, copied, e-mailed and re-used.
Social networks
People themselves are a weak link as well. They tend to choose passwords that are easily remembered, such as names, brands or birthdates. A bit of social engineering will easily produce such data, especially in this day and age, with people publishing their social lives worldwide through social networks such as Hyves and Facebook.
Strong authentication
To improve secure entry to networks and systems, it is wise to apply so-called 'strong authentication', also known as 'two-factor authentication'. This means that a user authenticates using something he possesses and something he knows. Usually, these two 'factors' together generate a so-called 'one-time password', a password valid only at the time of logon. At the next logon, a new password is requested. This system is certainly not new: it has been applied in electronic banking and online banking for decades.
Tokens, smartcards, SMS
Strong authentication is available in many different shapes and forms, such as the hardware token, often called 'digipass', and the smartcard. A more recent example is the software token, which uses a smartphone, or the SMS token, through which the user is sent an access code via SMS when he wants to log on.
VPN
Access control is often applied within teleworking environments based on SSL VPN and IPsec VPN. Many vendors have prepared their systems for this technology, using the so-called RADIUS protocol. Web servers can also be easily configured with access control using tokens.
OATH
The latest development where tokens are concerned is the OATH standard. It is an open authentication standard that allows mixing tokens from one vendor with authentication systems from another.