ISC: Cuckoo’s egg on the face

Daniel Wesemann has a great commentary today in the SANS Internet Storm Center diary about one of my favorite books Cuckoo’s Egg by Clifford Stoll.
I agree with Daniel that the same problems are present today. Passwords suck and should not be used for important things such as remote access to your companies network. That’s why things like SecurID or smart cards are so important.
What’s that phrase, “prevention is important but detection a must”? Something like that. If Clifford hadn’t been so curious about an accounting problem of less than a dollar the issue in the book wouldn’t have been uncovered. How would you know if someone were using your employees accounts?
If you haven’t read this book, I highly recommend it.