The AP reports that U.S. federal regulators have sent a letter to banks saying they should go beyond passwords to two-factor authentication by the end of 2006. There are all sorts of possibilities for what the other factor might be, from cell phone acks to a physical gizmo that emits a code to use. I’m betting banks will ask what your last payment for x purpose was.

Dan Gllmor reports a bank he used only a few years ago still used social security number as logn name. He says:

I don’t keep much money at that bank anymore.

Banks are probably worried that more people will do what Dan did, thus limiting their online reach.

-jsq