I highly recommend Duo Security, the guys behind have a solid track record in the industry. They started it first with phones. Prior to that everyone else was using expensive RSA like secureid tokens that take more to deploy. Read the man page for ssh and you see Dug's name in there. Jon has a solid track record on the mobile side. They just developed Rekey to fix the Android master key vulnerability issue about 2 weeks ago.