I’ve never been a big fan of passwords, although if that’s the only available authentication method, the password should be a strong one. Two factor authentication is certainly better than just a password. I was encouraged when I saw a report that a company called TextPower was granted a patent for a “text message authentication system.” According to the description, the user sends a simple text message (SMS) from their cell phone to authenticate their identity. The one simple text message will allow for multiple authentication technologies. This eliminates the possibility of man-in-the-middle attacks and is more secure than typical two factor authentication (2FA) methods. In order to compromise the system, you would need to physically have the phone AND know the PIN of the user.
This is a different spin on current 2FA systems. It is more in line with the direction I thought we needed to go. I’m encouraged that there is a new technology in our future that gives us a more bullet-proof method to authenticate.