Post-it notes for passwords - an NHS option?

My colleague Philip Virgo who blogs for Computer Weekly and is Secretary-General of the Parliamentary and IT industry body Eurim, sent me a comment earlier this month which raises important matters. 

He pointed out that NHS consultants may have to keep track of dozens of passwords which change regularly – and those who may be able to help with lost passwords tend to keep office hours only.

Virgo says:

“Little black books and post-it notes are the only option if you are not to resort to the ultimate sin of shared pass-words – when your professional indemnity insurance (and thus your future employability let alone your reputation) depends on what is done in your name.”

This raises an interesting question which has never been satisfactorily answered: How can the need for health information to remain confidential be reconciled with big NPfIT databases of medical records and the password-sharing, post-it-note culture of the NHS?

Medical consultants can argue that their priority is treating patients and sometimes saving their lives. Should they spend less time on patients and more on the management of their passwords?

In short, big NPfIT databases of health information may be a good idea made impractical by the security culture of the NHS. This basic weakness should have been properly thought through – and wasn’t – before the NPfIT was announced.

It’s unlikely that the password-sharing culture will stop because of the National Programme for IT. What will change is that hundreds of thousands of NHS staff will be able to access much larger databases than before. If the NPfIT ever works.

To this Whitehall officials would say that NPfIT databases are much more secure than paper records and there’s always an audit trail. But audit trails don’t work when passcodes are shared.
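As an added illustration, not part of the original post, of why an audit trail stops naming a person once a passcode is shared: the script below reads a constructed login/logout audit log and flags any account that is active on two different workstations at the same time, which is the only trace a shared credential leaves in the log. The account names, workstation IDs and log format are invented for the example.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample audit trail (not from the page): "timestamp account
# workstation event". Two people use the shared account "drsmith" from
# different terminals at overlapping times; "njones" works alone.
SAMPLE_LOG = """\
2006-07-10T08:02:11 drsmith WS-A12 login
2006-07-10T08:15:40 drsmith WS-C07 login
2006-07-10T08:40:03 drsmith WS-A12 logout
2006-07-10T09:01:55 drsmith WS-C07 logout
2006-07-10T08:05:00 njones WS-B03 login
2006-07-10T08:30:00 njones WS-B03 logout
2006-07-10T08:35:00 njones WS-B03 login
2006-07-10T09:00:00 njones WS-B03 logout
"""

def parse_sessions(log_text):
    """Pair each login with the next logout for the same account and
    workstation. Returns {account: [(start, end, workstation), ...]}."""
    open_logins = {}
    sessions = defaultdict(list)
    for line in log_text.splitlines():
        ts, account, ws, event = line.split()
        when = datetime.fromisoformat(ts)
        if event == "login":
            open_logins[(account, ws)] = when
        elif event == "logout" and (account, ws) in open_logins:
            sessions[account].append((open_logins.pop((account, ws)), when, ws))
    return sessions

def find_shared_accounts(sessions):
    """Flag accounts with two time-overlapping sessions on different
    workstations: one person cannot be in two places, so the credential
    is being used by someone else and the trail no longer names a person."""
    flagged = {}
    for account, sess in sessions.items():
        ordered = sorted(sess)
        for i in range(len(ordered)):
            for j in range(i + 1, len(ordered)):
                a_start, a_end, a_ws = ordered[i]
                b_start, b_end, b_ws = ordered[j]
                if a_ws != b_ws and b_start < a_end and a_start < b_end:
                    flagged.setdefault(account, []).append((a_ws, b_ws))
    return flagged

if __name__ == "__main__":
    print(find_shared_accounts(parse_sessions(SAMPLE_LOG)))
```

The check only reveals that sharing happened; it still cannot say which of the people holding the passcode performed a given action, which is the point made above.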


Philip Virgo’s blog – Computer Weekly 

Password-sharing hinders probe into serious blunder – IT Projects blog

Endemic sharing of passwords – Computer Weekly July 2006

Solution: "Password safe":

Powerful, free, effective, easy to use and available now. Written by Bruce Schneier - probably one of the world's foremost experts on computer security.

What's not to like? Well, I suppose it's free, effective, easy to use and available now. May be unsuitable for NPfIT after all.

This blog entry makes some excellent points on the password management challenge facing all information-driven organizations. There is always the tension between wanting to force users to use longer and more complex passwords to maintain security and privacy while balancing the loss of user productivity when users are constantly having to enter logon credentials.

When the number of passwords exceeds one’s ability or desire to remember them, it is natural to write them down or make them all the same. Writing down passwords, sharing a colleague’s credentials or even colluding to use the same passwords have unfortunately all become common practices globally. However, with data loss and increased regulatory awareness, these security holes are increasingly frowned upon, especially in privacy-conscious environments such as the NHS that need to safeguard vast amounts of patient data.

So where is the middle ground? Is it possible to offer security and user productivity at the same time? And can it be done without wholesale revamping of the systems in use? Fortunately the combination of strong authentication technology and Single Sign-On has allowed IT organizations to streamline user authentication with greater confidence while automating the management and delivery of logon information to applications. And all this can be done without modifying a line of application code. With Single Sign-On or SSO, users can access multiple applications using one set of authenticated credentials, whether it is a password, smart card, token or biometric.

Single sign-on allows clinicians to obtain access to multiple applications with only a single authentication. This eliminates the need to be prompted to re-enter different logon credentials for each application – effectively cutting down the number of keystrokes it takes to perform vital tasks. From a compliance perspective it also facilitates auditing of access events to ensure the person using the application is who they claim to be. Auditing of access events serves the critically important role of allowing IT staff to link users with their actions and provides visibility into what applications were used during a session.

A real user case study demonstrating a successful implementation of Single sign-on in the NHS is Cambridge University NHS Trust. Once deployed, the system eliminated 200 log-in events per day, cut the number of steps required when accessing applications from 29 to just nine, and reduced helpdesk password reset requests from 30% to zero! Even more significant is the amount of time it saves each physician in not having to enter the same mind numbing logon credentials before seeing each patient.

The so-called Post-It Note culture of password management underlines the potential risks that companies and public sector staff take with important data and network access.

It is far from being a sensible practice, but we understand why people do it, especially in the case of some NHS staff faced with remembering and using a multitude of different usernames and passwords on a daily basis. However, such activity undermines the NHS Care Record Guarantee, created in an effort to reinforce the importance of patient confidentiality.

Taking such a serious risk with IT security is sadly perceived by many as being a better option for maintaining productivity, rather than waiting for a busy IT department to reset a forgotten password. The answer is to deploy easy-to-use and effective tools to enable users to deal with forgotten passwords themselves rather than request IT department intervention.

There are solutions available, including Courion’s PasswordCourier, that allow companies to provide quick and effective self-service password management, including issuing reminders and resets, as well as helping enforce best practice in creating and using strong passwords.

Such tools work best alongside the prompt provisioning of access credentials for new employees or those moving departments. Ensuring that new accounts and login credentials are issued in a timely manner will reduce the temptation to share existing login information and compromise IT security.

What use is an NHS Care Record Guarantee if staff write usernames and passwords on Post-It Notes stuck to desks or monitors?

Stuart Hodkinson, UK general manager for Courion (

I found it interesting that there was an allusion to Professional Indemnity Insurance and reputation. It's interesting seeing the two related, but interestingly, despite working for a PI company, I don't think a person's reputation is severely impacted by them having claims made against them.

Haha fair enough. It’s just that Hotfile crashed my Firefox 2 times today, but I can wait :P

I googled AviFaG and there’s no one else that posts avi ddls, cept AnimuTake and another site.