My bank recently implemented a login procedure that is virtually impossible for an identity thief to access. It uses a technology called “Two-Factor Authentication”. In addition to a regular login, you must type in a code from a security card or an email sent to a mobile device.
The security card has a grid with numbers and letters so every time you login, a random grid location is given; you look at the security card and type in the entry from the grid location within 60 seconds. For example the login screen may say: A3B4. So you look in position A3 and type its entry (like a3w) and look in position B4 and type its entry (like u7t).
If the email route is chosen, an email containing ‘a3wu7t’ would be sent to your mobile device.
The security card could be printed for reference after initially logging in (before switching to two-factor authentication) and answering a few security questions. Finally, another roadblock to identity thieves.