This might be a logical evolution of the bitcoin client.
Having wallet security and signing being two passwords, one physical and one virtual with of course both being optional.
There is mainstream hardware...
http://www.vasco.com/products/client_products/esignature_digipass/digipass_550.aspx Alternatively there are smart phones and software.
The separation of devices for a single bitcoin action is ultimately the point here.
This is real security in the eyes of the banking system for what that's worth.
Who has thoughts on this?