We have periodically talked about the sorcery-like illogical arguments haunting the domain of identity assurance. We now hardly see the people who insist that the password can be displaced by two/multi-factor authentications or ID federations. The voice is now much smaller that PIN (numbers-only weak password) can displace the password. However, we know that there are still a lot of people who loudly allege that the password can be displaced by the biometrics operated in cyberspace together with a fallback password. Many of them are found at world famous corporations like Microsoft, Apple, Google and a number of government agencies and financial institutions in addition to the very vendors of biometric solutions. Most worryingly, not a few security experts appear to have opted to be in silence. We wonder if we would be able to prevent the security fiasco before it is too late.