Vitalik asked the Ethereum community seven difficult questions recently, and one of them was related to how Ethereum Account security and recovery shall be handled. I think there are two different fantastic approaches to this problem. The first is hardware wallets such as the Ledger Nano, and the second is 2-of-3 multisignature wallets where one of the accounts is tied to a 2FA provider.
Hardware wallets are a fantastic way to increase Ethereum Account security. However, very few services are compatible with them today and it is exceedingly difficult to build applications that support them. More standards and code examples are needed in order to improve the ability for everyday users to take advantage of hardware wallets.
For instances where it is not possible to use a hardware wallet, a 2-of-3 multisig wallet can be created by a user such that they secretly generate all three private keys for themselves. The user would then securely give one of these keys to a centralized 2FA provider. Then, they could broadcast an Ethereum TX with a single signature and the 2FA service would detect this, send them a 2FA code, and if it is successfullly replied then that service would sign the message as well and it would be valid to be mined by the Ethereum Network.