Are you authenticated enough?

To what point should a person (device) be tested until we can say he/she is authenticated, needs careful analysis. This includes analysis of several fundamental security aspects like privacy, accountability, threat assesment, usability and deployment costs. Is providing the name enough or will the user have to provide other proofs of identity "to get authenticated". It may also depend on how many of these proofs are actually public. Check out zabasearch.com to see examples of how much of user data is actually accessible based on just the first and last name. Pay a little, and see more! Since this is my first blog I will not go into further detail at this point but I think this is a very important aspect to be investigated thoroughly.