Edit: A suggestion that came up was a token Escrow mechanism. I googled for it for a bit, but did not fnd any service available. A few key scrow mechanisms are available from the late 90s when the government pushed some research into key management for PKI schemes and ncryption, but none of the mechanisms really took off because of the lack of trust. This may be something interesting to ponder upon.
I was talking to a few friends who use RSA tokens (yes, those things that give you a one-time password) and found that most of these have no back-up mechanisms, a.k.a. if you lose/ forget those tokens, you have to requisition one more from the IT dept (not a great strategy if you want to VPN in from a remote location) Here is a list of "back-up" authentication schemes that I know of: software tokens, other devices (phone, blackberry, etc) as authentication means. I would be interested to know any other schemes out there. Feel free to email me if you know of any