Would love to see this site implement 2fa for added layer of user security and privacy. As with the HTTPS migration, I'd be happy to help with implementing this.
I think maybe a section for your public key could be a solid idea, and the server generates a unique code that you decrypt with your private key -- rather than google auth (I prefer to manage my own keys).