My bank is learning from Schneier, but isn't good student
Bruce Schneieris the person well known to everybody interested in IT security. Recently he published blog postabout why two-factor authentication is not solving all security problems. For those who don’t know what this term means, two-factor authentication is basically system where first you’re giving your “constant” password (password which doesn’t change), then if you’ve provided correct password system is sending you another one which is generated for you just for this single use (this password can be generated also by some small device provided to you by system admin).