Using a phone for authentication is not a new idea (relatively). Bank of America has been doing an SMS based system for a little while now, where they send you a temporary code as you try and log in, and then you use that code to complete the authentication. This is a great, secure, and simple method to ensure that at least the person who has my cell phone, is the one trying to get into my online backing. My problem is that I’m stuck in the stone ages and don’t have a text messaging plan, but I do enjoy keeping my 5-10 bucks a month.
myOpenID has now provided a similar two-factor method, but instead of a text message, it is a free (or well included) call to any touch-tone phone, that simply requires me to hit the # key.
This is elegant in its simplicity, innovative in its ability to not leave out those without SMS, and great in the fact that it costs me nothing more than what I pay already.
Check out the details on the myOpenID site https://www.myopenid.com/about_callverifid