I wondered about usability too
I have a number of comments to make, the first is that the Masabi application creates a reactive, transaction specific, out-of-band application for Authentication. That's a step up.
The second is that it has still has strength even if both the computer and the phone are infected - nothing else can do that.
Thirdly, we now have a working demonstration of the GrID being spoken to the user, as the RNIB advised.
Fourthly, I too wondered about the usability of GrIDsure. So I explained the idea to my God Daughter, she is five years old. I made it a simple game for her, "Can you tell me the right numbers from that grid according to your pattern?"
She had no problem with it at all and ten minutes later explained it to her parents. When I saw her again last month, she was still able to use the same pattern that she had chosen a month before.
It is easier than you give it credit. Try it yourself a few times, you'll see it on the demo on the website.
Finally, GrIDsure is not a perfect solution, it's a technology which can be applied to solutions to make them easier to use & stronger. The job now is for the industry to find applications for the technology, so that we can all have easier, safer lives.