Monday, May 08, 2006

Escaping from Keyloggers

I have recently joined the Secure Coding community in Orkut and there is a great discussion going on about how to "Implement Safer Authentication". The discussion was about how to bypass attacks from keyloggers. I had written about implementing 2-factor Authentication in such scenarios. The login page would have 3 fields instead of the regular 2 fields (user id and pwd). The third field would be to key in the Software security token which will get displayed on the login page. I think 2-factor AuthN would be the way to go since it would surely make life difficult for hackers, though nothing in this world can be declared as an "ideal security system". I don't have much idea about the cost of implementing a Software security token for public use (like for web-based mails). If you have ideas on the implementation cost of a Software security token, do let me know.
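
Why the third field blunts a keylogger, as an added example that is not code from the original post: a server-side check that accepts each one-time token only once, so recorded keystrokes fail when replayed. It assumes the software token is a time-based code per RFC 6238; `LoginService`, the user record and the sample credentials are constructed for illustration.

```python
import hashlib, hmac, struct

STEP = 30  # seconds per token interval (RFC 6238 default)

def totp(secret, now, digits=6):
    """RFC 6238 one-time code (HMAC-SHA1) for the interval containing `now`."""
    mac = hmac.new(secret, struct.pack(">Q", int(now // STEP)), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def pwd_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class LoginService:
    """Hypothetical three-field login: user id, password, one-time token."""
    def __init__(self, users):
        self.users = users          # user_id -> (salt, password hash, token secret)
        self.last_counter = {}      # user_id -> last interval in which a token was accepted

    def login(self, user_id, password, token, now):
        record = self.users.get(user_id)
        if record is None:
            return False
        salt, stored, secret = record
        if not hmac.compare_digest(pwd_hash(password, salt), stored):
            return False
        # Only the current interval is accepted (no clock-drift window here).
        if not hmac.compare_digest(totp(secret, now).encode(), token.encode()):
            return False
        counter = int(now // STEP)
        if self.last_counter.get(user_id, -1) >= counter:
            return False            # token already spent: replay inside the same interval
        self.last_counter[user_id] = counter
        return True

def demo():
    salt, secret = b"constructed-salt", b"12345678901234567890"  # constructed sample values
    svc = LoginService({"alice": (salt, pwd_hash("hunter2", salt), secret)})
    captured = ("alice", "hunter2", totp(secret, 59))  # the keystrokes a keylogger would record
    first = svc.login(*captured, now=59)               # legitimate login
    replay_now = svc.login(*captured, now=59.5)        # replayed within the same 30 s interval
    replay_later = svc.login(*captured, now=119)       # replayed after the token expired
    fresh = svc.login("alice", "hunter2", totp(secret, 119), now=119)  # user's next login
    return first, replay_now, replay_later, fresh

if __name__ == "__main__":
    print(demo())
```

The replay check matters as much as the token itself: without `last_counter`, the captured triple would still be valid for the rest of its 30-second interval.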
