1,301 votesAlex commented
2FA to log into app is not required. I would suggest to use any multiple-choice data changed every time when you are trying to open database. Look at TRI-PIN from Lunabee oneSafe; they change color and signs every time, so you need only remember the key cifers/signs/colors. It prevents catching the PIN-code, which is definitely the same every time.
As an additional protection layer, it would be great to have some protected folders _inside_ application, and we can place there any sensitive data like credit cards and documents.
For 2FA embedded into app for filling it right from account - you can use Google Auth codebase, which is pretty simple and open source.