This amounts to a very standard issue these days. In the last of giant corporations worth spending millions of dollars and minutes to hack into, a password is insufficient. Good for you. For the rest of the world, you know, like when I'm accessing my registration to a telecom conference in June, a password is plenty fine. If anyone really wants to hack that conference's web-site, then they can change the name that appears on my badge, and could even cancel my registration -- something that the conference organizers would happily fix for me on-site.
Has anyone else noticed that this issue seems to have grown (in Google's mind) as they offer more and more cross-integrated services through a single password? Perhaps, and this is just speculation, if they separated services into multiple accounts hosted independently, while it would be a little less convenient for users, it would be the same less convenient for hackers?
In any event, the idea of replacing something that can't be stolen, with something that can be stolen, is a plainly stupid idea. It's even more stupid than using biometrics -- something I can't control intently, and I leave everywhere I go. So stupid.