Feature request from MonteShaffer, posted on GitHub Jan 18, 2016
I am swimming around the code for magento-backend (within Model and App), trying to figure out how in the world I would hook into Magento2 authentication for creating my own Duo Two Factor Support.
isLoggedIn ??
Sentry Human Element developed one for the OLD CE 1.9
http://www.human-element.com/sentry-two-factor-authentication-documentation/
And if you look at their code, they are really using a library from the DUO website itself...
https://github.com/duosecurity/duo_php
Certainly other authenticators (like Google) could easily be introduced.
Of note, there needs to be some backend-manually recovery if the DUO fails.... some file in the folder structure with a force bypass.
e.g.,
bypass-duo = true;
So the admin tool would have a toggle (enable/disable DUO, just for backend), and if DUO is enabled in the system, but this text file is true, it would disable, allowing admins into the system.
An example of Wordpress plugin ...
https://wordpress.org/plugins/duo-wordpress/
This increases security tremendously.
Anyway, I believe this should be a core feature (as a system->configuration->option), so I am proposing this as a feature.