Security researchers often talk about what they call "two-factor authentication"--proving your identity not just with something "you know," typically a password, but also with something "you have," ...