Two-factor authentication is being added to a Crystal web application using Amber Framework and Authy. The application starts by installing the necessary dependencies, including Crystal, Amber, PostgreSQL, and Twilio. It then configures the environment and creates a new project with Amber CLI. The user account model is updated to include fields for phone number and country code. A migration is created to add these fields to the database. A new view is added for signing up, which includes form inputs for email, password, phone number, and country code. The Authy API requests are made using Crystal's native HTTP library. A VerifyController is created to handle 2FA verification, which sends a one-time password via SMS or push notification depending on the user's device settings. The application is tested with a valid phone number and country code, and the user can successfully log in with 2FA. Additional steps are suggested for further development, including storing login attempts and adding unique constraints to the registration page.