Just to add onto the last solution offered. You can stack the HTTPS authentication with two factor methods. Google offers their 2factor authentication as a plugin for Apache: https://code.google.com/p/google-authenticator-apache-module/
It uses the basic auth input however the password is the 2 factor pass. Two make it truly 2 factor, the code goes after your password in the same input.
Also it would work with user:pass@host:port 🙂