Improve security through better authentication

[phildini]

This is an idea issue. This should be a place for discussion, and then individual issues are filed for each outcome of the discussion

Primary idea here: We're storing a potential treasure-trove of PII. Let's make sure we're doing everything in our power to protect it.

First step: 2-factor auth with a reputable provider, not rolling our own.