See change: https://gerrit.wikimedia.org/r/#/c/6883/
Faidon and I have been lamenting some security concerns on labsconsole and decided that two factor authentication could help. We quickly threw together an extension for HMAC based One Time Passwords (HOTP). If you've used two factor authentication on google login, then this should be familiar to you.
There are clients available on most feature phones, smartphones and desktops for HOTP. See: http://en.wikipedia.org/wiki/HOTP#Tokens
This is an initial implementation meant to work on labsconsole, so it's still missing functionality to make it work standalone. I'll soon add in the missing functionality (basically it's just a really standard subclass of AuthPlugin, if someone wants to beat me to the fix).
- Ryan