Two-factor authentication, such as RSA’s tokens and their pseudo-randomly generated numbers, was supposed to be a simple fix to that problem. But do they resolve the problems they were designed ...