We examine authentication and security preferences of younger versus older patients in the healthcare domain. Previous research has investigated users' perception of the acceptability of various forms of authentication in non-healthcare domains, but not patients’ preferences. First, we developed an interactive prototype to test three authentication methods: passwords, pattern, and voice. Our results indicate that younger patients prefer passwords by a significant margin. Older patients indicated more mixed preferences. In addition, we evaluated the level of security patients desired for protection of health information compared to financial information. We found no difference based on age: both groups felt financial security is more important than health data security. The findings of this research can be used to improve and enhance usability of future PHRs and overall PHR usage by patients. While this study is specific to cardiology patients we believe the results are generalizable to all patients with chronic conditions.