I ran across this nine-month old post at cavemonkey50.com and I’m kind of left wondering where I was when this idea made its round on the blogs. Basically, PayPal will sell you a SecurID-like fob that can be OpenID-enabled using VeriSign as the OpenID provider (eh, VeriSign...sketchy? maybe.) The two key observations:
While PayPal is providing the Security Key, the key is actually a VeriSign Identity Protection (VIP) device ... VeriSign is actually an OpenID provider and allows you to link your Security Key to your OpenID.
So give PayPal $5, get one of these SecurID-like devices in the mail 10 days later, link it to VeriSign’s OpenID provider, and boom you get two-factor OpenID authentication. Assuming your email, blog, photo sharing site, etc are hooked into OpenID, you have a little less to worry about when you’re on the road using some random internet cafe terminal.