IT based identities can be described in two ways. Firstly they are often the entry point and authorisation for permitted users. Secondly they represent a single way of attributing actions to a particular user. For those reasons the issue of identity is a crucial one in that identity must always be kept secure and correct. Easy to guess passwords, weak authentication methods and shared accounts all cause the erosion of identity and therefore compromises security. When the castle walls are strong, the doors become the focus of the attacker.