Wow! I'm thinking twice about this remote access strategy. What's the skinny on 2-factor authentication? You imply that it could protect me from a variety of password sniffing methods, but more usernames and passwords layered on seem like they would be susceptible to the same drawbacks (plus, they would be a major pain!)