Authentication Tokens for Password-less Access?

A not-so anonymous Anonymous Coward puts forth this query: "As someone who tires of constantly remembering and re-entering many passwords in possibly hundreds of uses, it strikes me that something as simple as a USB memory-stick device containing security tokens cannot be simply used in favour of passwords. Kernel messages could be monitored for tokens and update local access as needed (such as opening kwallet or disabling the screensaver). Is this really any less secure than say, using a key in the front door? It would be great to hear what the Slashdot community have found useful in reducing the number of passwords that need to be remembered, and what progress (if any) is being taken to increase security while providing ease of access?"

Cost

USB tokens or anything similar are not a viable option when you have lots (and I mean LOTS) of users.

What we use is that in order to log in, you have to enter your normal username and password and then you receive a token (via SMS) which you have to enter.

That way no expensive tokens have to be distributed to end-users and even if a end-user's password is stolen, it's no good as long as you don't steal also his/her mobile phone.

If such a thing happens that the end-user does not have a mobile phone (which here in Finland is _extremely_ rare) it's far more cheaper to give away a couple of mobile phones and accounts than to distribute tokens/usb keys/whatever to all users which then have to be renewed/get broken/are difficult to use.