Since winning the race, he said he has made good on his campaign promise: getting legislative approval and funding to expand an existing program to notify business owners by e-mail if their business registration information changed. Business owners in Colorado can now protect their business filings with a password protection -- the first such system in the nation.

"The password feature is straightforward, but it's new and unusual in the context of central business registries," Gessler said. The system went live in January and, to date, just over 26,000 businesses have registered for Secure Business Filing accounts, according to data provided by the Secretary of State's office. The system is voluntary for business owners and Gessler admits that cajoling established businesses to set up an account has been a challenge. But Colorado has made it a default option when citizens set up a new business, with most taking advantage of the feature.

The data, so far, is encouraging. Reports of business identity theft average about six per month so far in 2012, down from an average of 11 per month in 2011 and 18 a month in 2010.

But Colorado is the exception rather than the rule. Even with greater attention to business identity theft, most states have little or any security built into their business registries. In states like California, for example, the form to amend a limited liability company (LLC) can be downloaded from the Secretary of State's Web page and mailed- or faxed in with payment, but no proof of identity. That allows identity thieves to act without fear of getting caught.

Texas doesn't provide either an e-mail notification program or a way to password protect a business entity record, though the state is constantly reviewing its procedures in an effort to maintain the security of business records and appropriate public access to them, said Richard Parsons, the Communications Director for Secretary of State Hope Andrade.