Bank Web sites are expected to adopt some form of "two-factor" authentication by the end of 2006, regulators with the Federal Financial Institutions Examination Council said in a letter to banks last week.
Two-factor authentication confirms identity based on information that a user knows (like passwords) and information that a user physically has (like a device which displays randomly changing codes).
Two-factor authentication should reduce the chance that phishing attacks and key logging programs can be used to hijack your online accounts. So I hope banks will soon implement this kind of system. One thing I worry about is having to carry a dozen electronic devices which hold the random codes needed to log in. Perhaps the government could set up a system in which one device could work with multiple banks and financial institutions.