You could use a certificate for this, however I honestly would advise that tying access to the admin section of a functioning business to a single specific device is a bad idea in general.
(The following is advice only based on real personal experience, and therefore somewhat subjective, but my philosophy is to never help a client shoot themselves in the foot, no matter how much they want to pay me to do it.)
If any of the following scenarios occur, your client will not be able to administer his site without getting you to help:
- His computer explodes.
- His office is broken into and his computer stolen.
- There is a power outage in his office.
- He is ill and needs to work from home.
- Flood / Volcano / Zombie apocalypse.
- Client goes on holidays and wants to make a change to the site from beside the pool using a device that for whatever reason does not support the certificate in question or that he didn't think to ask you to install the certificate on.
- etc.
Murphy's law suggests that any or all of the above will occur at the exact time that you are not available/really don't want to have to deal with it/busy working for another client
If your client really wants secure access to the admin section of the site, you can't go wrong with having a specific Admin login section over HTTPS. No-one can reasonably steal his login credentials "over the wire" this way...If the client is worried that someone might somehow steal his username+password, via key logger,over the shoulder, etc, then it's up to him to not access the site from a computer that's insecure (internet cafe, etc).
And if he insists that it must only be accessible from that specific machine then he has to decide if he wants to have his cake or eat it - either get a static IP address or not!