See change:
https://gerrit.wikimedia.org/r/#/c/6883/
Faidon and I have been lamenting some security concerns on labsconsole
and decided that two factor authentication could help. We quickly
threw together an extension for HMAC based One Time Passwords (HOTP).
If you've used two factor authentication on google login, then this
should be familiar to you.
There are clients available on most feature phones, smartphones and
desktops for HOTP. See:
http://en.wikipedia.org/wiki/HOTP#Tokens
This is an initial implementation meant to work on labsconsole, so
it's still missing functionality to make it work standalone. I'll soon
add in the missing functionality (basically it's just a really
standard subclass of AuthPlugin, if someone wants to beat me to the
fix).
- Ryan