Gartner: Move Beyond Passwords

At the Gartner IT Security Summit in London, Ant Allan said that “passwords are no longer adequate, as threats against them increase.”
He seems to advocate multi-factor authentication in spite of the expense of smartcards or SecurID.
In my Advanced Network Security course, the first project involves implementing a protocol called PAKE, which was proposed last decade. It is a secure method of password authentication in which the password is never sent over the wire. Rather, in a Diffie-Hellman-like fashion, the user proves to the server that it knows the password, so an active attacker cannot gain an advantage by sniffing the logon. The server also does not store the password in a format that is useful if the PDV is stolen. Any two-factor authentication should authenticate both the server and the client, and should not be susceptible to man-in-the-middle attacks. This makes PAKE an interesting study, although I'm not sure how well it scales.
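The post does not say which PAKE the course uses, so the sketch below is an added example (not the course's or any project's code) that uses SRP-6a as one instance of the idea: the server keeps only a salt and verifier, and each side proves knowledge to the other. The toy group, the hash framing and the function names `register` and `login` are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# Demo group only (assumption): N = 2**521 - 1 is prime but is not a
# vetted SRP group; real deployments use the groups from RFC 5054.
N, g = 2**521 - 1, 3

def H(*parts):
    """Hash ints/bytes/strings to an integer, length-prefixing each part."""
    h = hashlib.sha256()
    for p in parts:
        if isinstance(p, int):
            p = p.to_bytes((p.bit_length() + 7) // 8 or 1, "big")
        elif isinstance(p, str):
            p = p.encode()
        h.update(len(p).to_bytes(4, "big") + p)
    return int.from_bytes(h.digest(), "big")

k = H(N, g)  # SRP-6a multiplier

def register(user, password):
    """Server-side record: a salt and verifier v = g^x, never the password."""
    salt = secrets.token_bytes(16)
    x = H(salt, user, password)
    return salt, pow(g, x, N)

def login(user, password, salt, v):
    """Run both sides of one exchange; True only if both proofs verify."""
    # Client -> server: user, A = g^a
    a = secrets.randbelow(N - 2) + 1
    A = pow(g, a, N)
    # Server -> client: salt, B (g^b masked with the stored verifier)
    b = secrets.randbelow(N - 2) + 1
    B = (k * v + pow(g, b, N)) % N
    u = H(A, B)
    if A % N == 0 or B % N == 0 or u == 0:
        return False  # reject degenerate values
    # Client derives the shared secret from the typed password
    x = H(salt, user, password)
    S_c = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    # Server derives it from the verifier alone
    S_s = pow(A * pow(v, u, N) % N, b, N)
    # Client -> server: M1 proves the client knows the password
    M1 = H(A, B, S_c)
    if not hmac.compare_digest(str(M1), str(H(A, B, S_s))):
        return False
    # Server -> client: M2 proves the server holds the matching verifier
    M2 = H(A, M1, S_s)
    return hmac.compare_digest(str(M2), str(H(A, M1, S_c)))
```

Only `user`, `A`, `salt`, `B`, `M1` and `M2` would cross the network; the password and `x` stay on the client.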