2FA passphrase (low security level)
The idea of this 2FA module is to ask use a passphrase (it will be registered in persistent session, ciphered).
It can not really be called 2FA as it involves the same medium than the password (something we know). The only protection here is to prevent an attacker that was able to steal user's password on another system to connect to the SSO session.