OpenCart also has a Google Authenticator plugin. The Google Authenticator is available for Android, Blackberry, and iOS. This will make the admin login like the login at your bank, where you have to enter a few numbers either sent on sms message, or generated by some small device. Unless there is a critical flaw in OpenCart people will not be able to login to admin without access to your phone as well.

My PGP is available at: