Logins and password policies

Currently the log in is by user name (e-mail address) and password, which is not optimal. Is there a way (or are there any plans) to use two factor authentication?

Also, is it possible to set up password policies to better align with corporate policies? Min number of characters, use of special characters, password expire etc.

Best Answers