Federal Computer Week has been talking about what makes a good password for the past several weeks. Lots of readers have written in about how to come up with strong, easy to memorize passwords that meet all the standard rules for passwords--length, special characters, etc. Now they discuss how two-factor authentication helps keep data safe even without difficult to remember, long, and cumbersome passwords.

Consultant Bill Cheswick says that one-time passcodes can improve security without difficult passwords. In FCW, "One-time passcodes require tokens – which may be hardware or software – to generate the passwords. However, they're valid for only one log-in, so if someone steals the password, it will be useless."