Why not give folks the option to use one of these:
http://en.wikipedia.org/wiki/SecurID
So even if a hacker happens to have the password trough a keylogger, which Windows users seem to catch faster than anything, he can’t use it because of the ID dongle.
SELECT signature FROM dumbpatters WHERE forumreference = 1;
0 rows returned.