Snip
Found an old topic regarding 2fa implementation and discussion here.
2FA for more security in bitcointalk forumAlso quoting this nice response from @hilariousandco about additional security:It's coming with the new forum:
https://bitcointalk.org/index.php?topic=523070.0In addition to normal password authentication, the forum should support various kinds of of alternative authentication. At least password auth, email verification, secret questions, OpenID, PGP, OpenVPN (automatic creation of subnets + IP source verification), and Bitcoin address signing should be supported, with multiple allowable credentials for each auth type. Users should have the option of requiring any combination of these auth types. Like "pgp OR (password AND OpenID)". And users should be able to require that changes to some or all auth types as well as the required combination of types not take effect for some configurable number of days. This allows for different types of recovery methods.
Also, it should be possible to limit the access for each auth type. So one type might be able to only read, but not post, etc. If the Web interface uses the same API that is exposed publicly, then these permissions can be in the form of allowed API commands.
Used search function first about topic before posting cause answers that you need might have been suggested before OP.