The Navy has been using NMCI now for over 10 years and the Common Access Card has been a wonderful security solution to add the 2nd factor of authentication (“what you have?”) in signing on to computer desktops and various Navy sensitive websites. The Navy should start to develop a roadmap to replace the CAC with more relevant two-factor solutions that will support the addition of mobile devices to the sailors in the near term. I have noticed both the banking and online file synchronization market adopt two-factor authentication. Evernote, Dropbox, and Basecamp send the user a code via email or cell phone text that must be entered following a user name and password process. My banking also requires me to answer pre-stored Questions and Answers (part of a profile I set up in the account). These are all examples of commercial solutions that could replace the current CAC process. Who wants to carry a CAC reader to hook up with their iPhone, iPad, or Android device.