"Bingo" cards. A form of "what you have," they're wallet-size grids resembling bingo cards that you receive when you set up your account. When you log in, the system will randomly generate coordinates. The cell at that coordinate will have a PIN that you enter.

Fraud detection. Instead of adding a second authenticator, it may be more cost-effective to strengthen your fraud-detection measures, looking for anomalies based on IP address, geographic location or other behavior inconsistent with the user's past patterns.

Security professionals will differ on which authenticators they think are right for their organizations. But they'll all agree on one point: It's bad for business and bad for the economy to mandate a one-size-fits-all solution. Continued flexibility is the right way to address this complex risk.

Jay Cline manages data privacy at Carlson Companies Inc., a Minneapolis-based group of businesses in the travel, hospitality and marketing industries. Contact him at cwprivacy@computerworld.com.