"People are selling two-factor authentication as the solution to our current identity-theft problems, but it was designed to solve the issues from 10 years ago."
The big problem identified with passwords is, that like all software solutions, they can be brute forced, eventually. Passwords, tokens, digital signatures, et cetera – can eventually be brute forced or circumvented. Things you carry with you such as smart cards aren't susceptible to this. Although perhaps moving towards more hardware authentication is better for security, I have to ask: Isn't that why passwords were invented in the first place? Physical “keys” have been around for thousands of years. Are we going right back to them?