So, given the lack of security around systems maintaining passwords, what is your preference?
Do you demand two-factor authentication (like most UK banks, and PayPal in the USA)?
Do you like OpenID, so you have fewer passwords to remember?
Do you like KeePass/LastPass/other password management tools to keep them all straight?
Does your organization implement SAML to secure applications (so you only have one internal login mechanism to monitor)?