Ruby non-SMS two-factor auth

This is a topic which is currently of much interest to me. Suggestions are welcome.

serious contenders (in my opinion)

Note: these are also the only two mentioned at https://github.com/plataformatec/devise/wiki/Extensions

• tinfoil/devise-two-factor now-ish. demo: gorails-screencasts/two-factor-authentication
• houdini/two_factor_authentication (for Devise) now-ish

other

• sinch/ruby-two-factor-auth Jan 2016
• nexmo/ruby-2fa Nov 2016
• nexmo/nexmo-ruby https://github.com/Nexmo/nexmo-ruby this month, proprietary
• twiliodeved/authy2fa-rails https://github.com/TwilioDevEd/authy2fa-rails now-ish (SMS only demo)
• twiliodeved/sms2fa-rails https://github.com/TwilioDevEd/sms2fa-rails July 2017 (SMS only demo)
• duosecurity/duo_ruby https://github.com/duosecurity/duo_ruby June 2017 (low usage)
• heapsource/active_model_otp https://github.com/heapsource/active_model_otp May 2017, rails 4
• authy/authy-devise https://github.com/authy/authy-devise Dec 2017 (SMS only)
• opf/openproject-two_factor_authentication now-ish (low usage, but promising!)
• mort666/yubikey_database_authenticatable Aug 2016
• little-bobby-tables/rose_quartz Jan 2017, low usage
• wmlele/devise-otp Aug 2015

github’s list: topics/two-factor-authentication?l=ruby