Thank you for such a great product. I noticed the other day that you support one-time passwords and I thought that this was going to be a 2nd factor Authentication, but it is not quite.
Two factor authentication is:
1. Something you know (password, i.e. Master password)
2. Something you have/are (finger print, Pay Pal FOB, etc.)
If you combined the otp with your master password, then you'd have an easy 2-factor authenication method, where you'd have to enter both to access the site.
Steve Gibson described an implementation of such a 2 factor solution in the Security Now
podcast. The full description is here
I would be interested if you implemented something like the "Perfect Paper Passwords" system as your 2-factor authentication, as it wouldn't require carrying around a 3rd party FOB of some sort.