To get to this point I had to enter a PIN for my computer and password to get to this site, I also had to enter a PIN for my phone as well (though that's not related to this). When I was at Littlewoods in 1980 we had to use a swipe card and enter a pin. These days it's often just a swipe card, even for payments, so if someone picks up your card they can use it.
I still maintain that the only safe place for a pass key is in your head. People extol the virtues of password keeper systems, but come on , would you give your house keys to a nameless entity, and what if someone cracks the password you use for that.
Then there's fingerprints and retinal scans, a friend of mine emailed work telling he'd sanded off his fingerprints so couldn't get into his iPhone , so what could he do. I think there was a work round but again corporations are always supposedly saying they are increasing security by making things less secure. How often do websites and Google suggest them remembering your password? So if someone walks up to your computer and you are not logged out they then have full access.
Also too complex passwords are no good because people write them down, I see so many people go into notepads to get their password for whatever they are accessing , so I know where THEY keep their passwords.
The other thing is more that four passwords, is a security risk, because people start to write them down.
My passwords are variations on unmemorable phrases like say fishandchips or kilburnandthehighroads , though needless to say mine are nothing like that.
As I mentioned Kilburn and The High Roads (Ian Dury's old band) , I found this live take of "Vidiot" for you to enjoy, though it was only ever performed live, I have been unable to find a recorded version.