[golovast]

There isn't a great way to make it easy for the user. Assuming that the password is "something you know" you need to add either "something you have" or "something you are" to the mix. That will mean tokens/cell phones/computers/other physical objects or effective biometrics. There are some creative ways to deal with this, but no matter how you look at it; it still is an added inconvenience for the user.

[billycoover]

I think the biometrics angle is interesting and will become more prominent in our lives as the tech gets cheaper, smaller, and easier to implement.

But biometrics doesn't pass the grandma test (you know, grandma who doesn't use cell phones, won't do online bill pay, snail mails everything, like mine).

I'm fascinated by all the ways people are trying to reduce the inconvenience of authentication.