PhoneFactor of Overland Park, Kansas, offers a two-factor authentication service that uses any mobile or landline phone as the second form of authentication. One application of the service protects a patient’s confidentiality when a doctor needs to refer to hospital records from a remote office. The doctor keys a user ID and password into the hospital network. At that point, the doctor’s cell phone rings, prompting him or her to confirm the login. If the doctor keys in the correct PIN on the phone, access is granted; if not, the hospital IT department is alerted and access to the network is denied. The service features quick setup and eliminates the need for tokens, smart cards, and certificates.