TMCnews


TMCnews Featured Article


May 11, 2011

Password Reset Software and Two-Factor Authentication: A Lot More Important Than You May Think

By David Sims, TMCnet Contributing Editor


Industry observer Patrick Townsend attended the RSA conference in San Francisco this year, and noted that what jumped out at him was “the number of new vendors showing off mobile identification” products. “There were at least four new vendors of mobile-based two factor authentication, and one regular exhibitor with a new entry in this area... they certainly made a big splash.”

Two-factor authentication is more important for security than you might realize. Why? Let’s take a little quiz: Do you carry a cell phone or mobile device? “Yes” would be the correct answer here. For extra credit, do you have multiple cell phones or mobile devices? There you go. Password reset software is critical to maintaining security, too, as you know. Right? We’re still not using the same password we’ve had memorized since college, are we?

As Townsend explains, we’ve moved to a “de-perimeterized security reality.” This means we are more dependent on passwords. Talk to any security professional you know, and you’ll hear that people who access systems “persist in the use of weak passwords,” usually their first name and “123,” which is, oh my, so difficult to figure out.

This is why two-factor authentication, meaning the use of two different authentication methods to access a system, is extremely important. This means still using a password with regular password resets or PIN codes, but also requiring a fingerprint or iris scan, or cell phone, HID card or hardware token. You can see how much more difficult it is now to breach the system.

Cell phones are the most common method for the second ID, since, let’s face it, not many laptops are equipped with fingerprint or iris scanners. At least ours isn’t; yours might be a bit more high-tech.

Oh, and according to Townsend, entering a password and then answering a personal question, such as where you were born or your mother’s maiden name, is still one-factor authentication used twice, and as insecure as simple password authentication.


David Sims is a contributing editor for TMCnet.

Edited by Jamie Epstein