Please integrate 2-factor authentication into Webroot SecureAnywhere online console for home and bussines users. Most people are familiar with this as an RSA dongle or something like the WoW Authenticator. https://us.battle.net/support/en/article/battle-net-authenticator-faq
. The security lies in that logging in requires something you know (your password) and something you must HAVE (a physical thingy).
However, what most people don't know is that companies don't need to make their own special authentication dongle. There are drop-in, generic retail dongles that work across mutliple services. Customer can buy their own dongles, Webroot doesn't need to provide or sell them. For example, the Yubikey http://www.yubico.com/.
Webroot's password toolbar service is actually a rebranded LastPass service, which already supports the Yubikey.
. Part of your product is actually already two-factor enabled.
As a "security company," Webroot should be pushing hard for 2-factor authentication.
And it's a very attractive feature for business customers. Webroot's console is cloud-hosted so you are already removing the additional VPN access factor for companies to administer your product. Adding two factor is a good idea.