Another vote for Bitcoin 2FA.
Maybe placing an option in your profile that lets you use different 2FA types (Google, sign with BTC address, etc.).
/edit
Nevermind, found it in the forum design feature list:
Fancy Authentication
In addition to normal password authentication, the forum should support various kinds of of alternative authentication. At least password auth, email verification, secret questions, OpenID, PGP, OpenVPN (automatic creation of subnets + IP source verification), and Bitcoin address signing should be supported, with multiple allowable credentials for each auth type. Users should have the option of requiring any combination of these auth types. Like "pgp OR (password AND OpenID)". And users should be able to require that changes to some or all auth types as well as the required combination of types not take effect for some configurable number of days. This allows for different types of recovery methods.
Also, it should be possible to limit the access for each auth type. So one type might be able to only read, but not post, etc. If the Web interface uses the same API that is exposed publicly, then these permissions can be in the form of allowed API commands.
It might be nice to make this functionality into a self-contained library that other sites can use.
