Ever logged into a PC at work.. entered your password 3 times and locked yourself out of your account.... Then you need to phone up your IT helpdesk and get your account unlocked.
So you give them your username and they unlock your account, but your still unable to login.. so you ask them to reset the password and then the 1st time you login you have to change your password.
So then......... your logged in...
but how secure is that... NOT VERY!!!!!
How do other IT departments work and deal with this?