Thanks for this plugin.
I have a concern about the behaviour on failed login attempts (with incorrect Google Authentication Code). Currently an error message is shown
ERROR: The Google Authenticator code is incorrect or has expired.
I don't think this is good security practice as it specifies where authentication fails (i.e user name and password were ok).
By the way I use you plugin with on Windows with the following app which is also available on other platforms https://marketplace.firefox.com/app/gauth-authenticator/