Hello,
unfortunately, this is something that is not simple to do. Alfresco does not yet have standard workflow actions that require a user to enter their credentials. Mostly this is due to the fact that Alfresco can be operating in a context where it can't validate the users credentials, e.g. when users are authenticated externally.
In case your Alfresco is set up in a way that it can actually validate credentials, e.g. it has local/passthru/kerberos/LDAP authentication set up, you can add such a functionality to Alfresco manually. This requires some Java development though, so nothing you can do with just Kickstart. You'd need to add fields for login/password into your workflow model and forms, and should implement a form filter that intercepts the login & password, validates them via the authentication service (simply do an authentication in a separate transaction), veto if authentication fails or proceed (but remove login/password from the fields to save, so as not to accidentally save the password in the workflow where administrators / others may retrieve it from).
What I would prefer is using some kind of OTP setup in Alfresco that is independant of the actual credentials. Then you can require the user to enter time sensitive pin before submitting the form and validate that in Alfresco without having to go to any authentication service.
Regards
Axel
