Currently it is possible to authenticate with an email address and password. I am currently adding two factor authentication using time-based one time passwords (TOTP). I would like to add additional authentication methods that do not require an email address or username.

One method of doing this would be HTTPS client certificates, which I will test once I've added two factor authentication.

If you have any other ideas for authentication in general please add them.