It would only work as a alternative (definitely a more convenient one) to something like Google's two factor auth app with one time passwords, not a complete replacement. If the phone was stolen, you'd need a way to get in and shut it off. Google's system lets you save a handful of codes for this case.