Dave Brondsema - 2016-11-11

I think this is a nice improvement. We might need to make the text a bit more subtle, for projects that have many members without multifactor enabled.

A security concern, though, is that anyone can add anyone else to their project. And then they'd be able to see if the other person has multifactor authe enabled. I don't think we want people to do that. A good solution (although not easy) would be to create an invitation system so that people must accept joining a project. That would be a nice improvement anyway.

So I think we should hold this merge request until we have that done.