Steve Gibson, of SpinRite fame has come up with sort of a super-simple variation on the little RSA keyfobs where you instead carry around a little business card that you can print up yourself that has a bunch of possible second-factor entries you can use for auth.
The part that makes me laugh a bit is that it is–as you might expect if you remember the ads for SpinRite back in the day–a Windows .DLL coded in assembly.
John Graham-Cumming has a C implementation of the scheme. He also has a three-letter domain name. Coincidence?