Two Factor Authentication - Criteria
Authentication is a process through which one's identity is verified. For a long time it was done
using a one-step login where users had to provide their passwords. This approach was appropriate for
the early days and served us well for a while.
Unfortunately, our reliance on digital systems for sensitive operations, the prevalence of bad
actors who break or steal credentials for their own nefarious plans, and the poor password
practices and management that compound the problem mean that better authentication is required.
Multi-factor authentication, as the name indicates, does not rely solely on a single step but on a
mix of different factors where users have to provide something they know, have or are. The
first corresponds to the traditional system previously mentioned, with passwords and PINs. The
second makes use of physical devices: general purpose ones such as phones or, for more secure
contexts, dedicated and specialized hardware keys. The last one mainly refers to biometrics
such as fingerprints and facial or voice recognition.
Security generally correlates inversely with ease of use. Two-factor authentication is then a compromise,
suitable for the majority of commonly encountered situations. While hardware keys are preferable, most users
rely on their phone and an authenticator app to generate a one-time password.
As always, the application should be Free and Open Source, implement at least one of the two standard
algorithms for one-time passwords, HMAC-based one-time password (HOTP) and Time-based
one-time password (TOTP), and have a secure vault protected by a password or biometrics. Additional
functionalities such as backup and data import/export are also desirable.
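To make the two standard algorithms concrete, here is an added example (not part of the original article, and not the code of any particular authenticator app) implementing HOTP (RFC 4226) and TOTP (RFC 6238) with the Python standard library. It also shows the base32 decoding an authenticator performs on the secret from an otpauth: provisioning URI, and a server-side verifier that accepts a small window of adjacent time steps to tolerate clock drift and uses a constant-time comparison. The function names and the window size are this example's own choices; the secret and expected codes are the test vectors published in the two RFCs.

```python
import base64
import hashlib
import hmac
import struct
import time


def secret_from_base32(encoded: str) -> bytes:
    """Decode a base32 secret as found in otpauth:// URIs (padding is often omitted)."""
    cleaned = encoded.strip().replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def hotp(secret: bytes, counter: int, digits: int = 6, digestmod=hashlib.sha1) -> str:
    """RFC 4226: HMAC over the 8-byte big-endian counter, dynamic truncation, then mod 10^digits."""
    msg = struct.pack(">Q", counter)
    mac = hmac.new(secret, msg, digestmod).digest()
    offset = mac[-1] & 0x0F                       # low nibble of the last byte selects a 4-byte slice
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF  # drop the sign bit
    return str(code % (10 ** digits)).zfill(digits)   # keep leading zeros


def totp(secret: bytes, timestamp=None, step: int = 30, digits: int = 6, digestmod=hashlib.sha1) -> str:
    """RFC 6238: HOTP where the counter is the number of `step`-second intervals since the Unix epoch."""
    if timestamp is None:
        timestamp = time.time()
    return hotp(secret, int(timestamp) // step, digits, digestmod)


def verify_totp(secret: bytes, code: str, timestamp=None, step: int = 30,
                digits: int = 6, window: int = 1, digestmod=hashlib.sha1) -> bool:
    """Server-side check: accept the current step and up to `window` steps either side
    (clock drift), comparing in constant time. A wrong-length code is rejected outright."""
    if timestamp is None:
        timestamp = time.time()
    if len(code) != digits or not code.isdigit():
        return False
    matched = False
    for delta in range(-window, window + 1):
        candidate = totp(secret, timestamp + delta * step, step, digits, digestmod)
        # do not short-circuit, so every candidate costs the same amount of work
        matched |= hmac.compare_digest(candidate, code)
    return matched


if __name__ == "__main__":
    # RFC 4226 / RFC 6238 shared test secret, shown base32-encoded as a QR code would carry it
    secret = secret_from_base32("GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")
    print("HOTP counter 0:", hotp(secret, 0))            # 755224 per RFC 4226 Appendix D
    print("TOTP at t=59, 8 digits:", totp(secret, 59, digits=8))   # 94287082 per RFC 6238 Appendix B
    print("Current TOTP:", totp(secret))
```

In production the server must also store the last accepted time step (or HOTP counter) per user and refuse to accept the same code twice, since a one-time password that can be replayed within its 30-second window is not one-time.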