Note: This is in response to Hal's feedback on ‘Simple factor is better than two-factor authentication’ where Hal gave praise to two-factor authentication.
That's complete bollucks. Biometrics are no more safer from sniffing than a good ole password. They're actually less safe since you can't exactly change your fingerprint, DNA, or iris pattern. The only place biometrics are safe is on something like Eutron's BioToken in which your fingerprint is used to unlock a private key on a crypto token.
Two factor authentication still is not the silver bullet for identity theft. What if you sniffed your password and then stole your second factor? I'm still in.
Something like a BioToken, where you enter your pass-phrase on a trusted device dedicated to encryption, is the most secure method available.
