Thanks for going 2factor and even better: using google authenticator. Two factor is too easy and adds too much to user security to be avoided. Furthermore, I think google authenticator should become the standard to increase usage longterm, so much so I made a service to make implementing it even easier: <a href="https://www.gauthify.com" rel="nofollow">https://www.gauthify.com</a>