Or, if you want to do the same thing without trusting the security of your VPN to a third party, and you're willing to do a little more fiddling with configuration files, you can just use libpam-google-authenticator: http://www.howtoforge.com/securing-openvpn-with-a-one-time-p...
You are only trusting the half of the security which is better IMHO. The evil person would need to hack/steal both you and the (likely more careful) third party in order to access your accounts. In your scenario it would only need to hack you to get everything.
