I'm actually surprised that this hasn't already been brought up yet. Caution urged in wake of RSA security breach - Computerworld
But for the moment at least, enterprises should assume that SecurID is no longer an effective second factor of authentication, he said. "Review passwords tied to SecurID accounts and make sure they are strong," Mogull said. "Consider disabling accounts that don't use a password or PIN and set password attempt lockouts."
Though RSA has not disclosed which or how much SecurID information was stolen, the mere fact that the company is warning of reduced effectiveness is troubling, said John Pescatore, an analyst with Gartner.
Decide what to be and go be it.