I'm not as concerned about two-factor authentication (which could under some schemes require OS access outside the browser). Ideally you're only keeping a small amount of funds per account, but the design of the service should reduce the attack surface from an owner or hacker trying to steal the funds from _all_ accounts.
Like I mentioned in another post, the human factor is something I haven't found a way around. The hacker can be deterred/slowed enough that damage is minimized, but there's really nothing to stop an owner from inserting code to steal passwords or redirect transactions and such.
The only safeguard is still: don't store more coins than necessary!
