Lockdown

There really is no such thing as too much security. Thanks to the availability of easy-to-use password cracking tools and multicore processors, it is only a matter of time before a determined hacker breaks your password and gains access to your computer. If you're really concerned about unauthorized access to your computer, you should definitely add an additional layer of authentication (see the "What Is Two-Factor Authentication?" box).

One of the easiest mechanisms for implementing a two-step verification is the Google Authenticator service . You can use the service to issue a time-based authentication token to supplement the existing password challenge. Google Authenticator uses the IETF-approved Open Authentication Time-Based One-Time Password (OATH-TOTP) protocol that generates a password (usually a six-digit number) that's meant for a single use before it expires and is replaced by a new number.

The good thing about the TOTP protocol [3] is that it doesn't require an active connection to the Internet. The protocol uses the current timestamp along with a pre-shared key that's available on both the machine you're trying to log in to, as well as on your portable app used to create the six digit code. When you type in the code at the login prompt in the computer, it performs the same computation with the same pre-shared key and arrives at the same six-digit code, thus allowing you to log in.

[...]