Document that 2-factor auth users may need a personal access token

What does this MR do?

Documents that users with two-factor authentication enabled may also need to create a personal access token to use git over HTTPS.

Are there points in the code the reviewer needs to double check?

Why was this MR needed?

To address a support issue (gitlab-com/support-forum#980) about why passwords don't work in git when two-factor auth is enabled.

Screenshots (if relevant)

Does this MR meet the acceptance criteria?

• CHANGELOG entry added
• Documentation created/updated
• API support added
• Tests
  • Added for this feature/bug
  • All builds are passing
• Conform by the merge request performance guides
• Conform by the style guides
• Branch has no merge conflicts with master (if you do - rebase it please)
• Squashed related commits together

What are the relevant issue numbers?

gitlab-com/support-forum#980