Add two-factor authentication

[mvdkleijn]

Since @gittip is about giving and receiving money, some form(s) of two-factor authentication would be nice. We could make it optional, like Google et all do, but still advise users to use it to increase safety.

Personally I feel multiple two-factor authentication options would be nice to have. I'm thinking of these two:

• Google two-factor mobile app (software based)
• Yubikey token (hardware based)

I have a Yubikey myself and have integrated it with sites. Very easy to do and I like the idea of a hardware token, which feels safer than a potentially hackable software token. I never bought hardware tokens before, but the Yubikey was cheap enough for me to afford one.

My experience is that the Yubico guys (for example @dainnilsson, Yubico Python guy) are happy to help with integration.

Disclaimer: I'm not affiliated with Yubico (the guys behind Yubikey)

[chadwhitacre]

This is a dupe of #638.