So you’ve added two-factor authentication to your web service? That’s a good start. But at this point, two-factor authentication should be just a baseline standard for basic security practices. How much further will you go to protect your users from hacks?

LinkedIn (s lnkd) is the latest company to announce that it’s added two-factor authentication to protect user accounts, and it’s a welcome addition from the company that’s experienced significant security breaches in the past. Twitter finally added it last month (after going far too long without it) and Apple and Microsoft have added it in recent months as well. Facebook added its own version of two-factor authentication in 2011, and Google has had it for much longer.

But two-factor authentication, which essentially asks you to confirm your identity with a second code from a device like a smartphone when you go to enter your password, is just a start…