Require Physical 2fa for Build WG & Web Infra members
Members of the Build WG & @nodejs/web-infra have access to sensitive resources. Despite this, however, there aren't any actual requirements for 2fa to be enabled on a member's accounts afaik.
I think there should be a requirement for members to have some form of physical 2fa (i.e. YubiKey) connected to their GitHub and other relevant accounts.
@nodejs/web-infra is relevant here since, even though members aren't under the Build WG governance, they still follow the Build WG contributor guidelines as per the website's governance doc.
I don't have an answer as to who's going to be paying for the keys, however.