[ ] Guest authorization by providing a name and email address and entering a passphrase that was emailed to the user
[ ] 2FA using an email address from the GECOS data, if available
[ ] 2FA using an email address from a supplemental database mapping usernames to email addresses (probably just a plain text file with "username address@example.com" lines?)
Some of these point to managing a list of "accounts" separate from the local user accounts, perhaps with some referencing a local user, i.e., "jane.doe@corp.example.com" is local user "jane" but "bob.knob@public.example.com" has no local user account.
Add support for the following:
Some of these point to managing a list of "accounts" separate from the local user accounts, perhaps with some referencing a local user, i.e., "jane.doe@corp.example.com" is local user "jane" but "bob.knob@public.example.com" has no local user account.