Add force users to enable two-factor on next login

[loftwah]

I'd like the ability to be able to force users to enable two-factor authentication on next login. This is a common feature in certain web applications and it would be handy to be able to set an option that forces all of the users to turn it on at next available opportunity. Even better if this can be done in cases where the server does not have SMTP capability.

[alexclst]

I'd love this not just for individual users, but for anyone in given roles or higher (ie, set it at Author, and Authors, Editors, and Admins are all forced). I also think that it would be ideal if this stays in force, and therefore locks someone out if they ever turn off 2FA when their account falls into such a group. It would be nice to also force a type of 2FA on these users, so that I can disallow email 2FA for admins, for example.

It also seems that this is somewhat related to #239.

[loftwah]

You're right, it is similar. I promise I tried to search for similar issues :)

[iandunn]

I'm gonna close this because it looks like a duplicate of #255 / #239, but let me know if there's anything distinct that I missed.

[loftwah]

It all looks the same to me. Thank you, I'm looking forward to seeing this in the plugin sometime.