If you’ve been following Authentication related discussions, you know that a lot of the tactical focus is on adding additional authentication factors to the base username/password login mechanism as a way of making it more secure. This is particularly true in consumer facing applications, as brought into stark contrast by the Mat Honan hack episode.