Many corporations are beginning to use a second factor for validating a login, a PIN number is sent via email or text message and the user is required to enter it in a form field to continue.
This fails remarkably easily if the device is stolen. Read my blog about this:
If your solution's security needs are minimal, this method will suffice. If your solution's security needs are very high due to being a financial database or medical or even one involving Home Security and Terrorists, then this type of authentication is suspect for the reasons I state in the blog post.
I have worked on this concept for several years and recently devoted my full time to it and the ins and outs are mind boggling and trying to create a working security system within FileMaker is time consuming and frustrating as every idea seems to blow up into many problems. So I understand why scripters want to latch on to a simple idea as a complete solution when it is not.