Hi,
I suggest the following

New feature: add an option to use time based One-Time-Password for login.

This might replace the standard login with username and password (for convenience) or optionally be added to the password login for reinforced security. The user can easily log in with the OTP app of his/her choice e.g freeOTP or Google Authenticator. The administrator should be able to produce the QR-code with the shared secret and easily distribute it to the user.

There are a lot of code examples with free licenses around, if you want some inspiration.

Copied from:

[Github] Piwigo issue #783