The document discusses the ineffectiveness of passwords for authentication and proposes moving to multi-factor authentication. It notes that passwords can be cracked using techniques like brute force, rainbow tables, and GPU cracking. Rules for mangling words to generate password guesses are also presented. The document advocates supplementing passwords with a second or third factor of authentication, such as using a token, digital certificate on user devices, or phone-based authentication to provide stronger security than passwords alone.