Due to many password and security breaches in the last years, account security has become one of the top priorities for every web platform that provides sensitive data. Nearly all big players have implemented OATH-TOTP by scanning a QR Code with your smartphone, which can then be used with Google Authenticator or Authy for example:

• Wordpress
• TeamViewer
• Electronic Arts / Origin
• Ubisoft Uplay
• GitHub
• Discord
• Reddit
• Kanboard
• Nintendo Account
• Slack
• Seafile
• Google
• Twitter
• any many many more

As a IT service provider, we provide our Zabbix Frontend public available via Apache HTTPS, so customers have Read-Only access to all their data. To further secure the frontend, Two Factor Authentication is a must in the year 2019 imho.

Further information: https://en.wikipedia.org/wiki/Google_Authenticator