Partially as a follow on to T150564...
It'd be nice, but would require a different workflow, to support hardware based OTP devices. Things like http://www.usbtoken.ro/shop_en/otp-tokens-server-authentication and even Yubikeys in a OTP mode
https://en.wikipedia.org/wiki/HMAC-based_One-time_Password_Algorithm#Implementations