Two Factor Authentication with Shibboleth
From GFIPM Implementation Wiki
About
One option for enabling multi-factor authentication for Shibboleth is to use the Multi-Context Broker. This framework offers an excellent way to develop different style of 2nd factor modules for Shibboleth.
Second Factor E-mail
GTRI has created one such packaging where the 2nd factor is based on the user's e-mail address, where a code is e-mailed to the user's registered e-mail address and then they type in the code. This 2nd factor verification may be cached for some amount of time as determined by the configuration. This MCB package may be downloaded: File:Secondfactorbyemail.zip.