The weak spot at JPMorgan appears to have been a fairly simple two-step password system that was neglected, leading to a major security breach this summer.