With a security token. In other words, a hardware key or sorts. For research I am a bit surprised since this stuff (USB token) has been around for some time. Heck the yubikey has been out for what, 3 years.
http://www.schneier.com/blog/archives/2013/01/googles_authent.html
http://www.wired.com/wiredenterprise/2013/01/google-password/all/