WordPress Two Factor Authentication (CMAUTH) - 2FA Methods - Authentication Methods Overview
Authentication Methods (Overview)
The WordPress Two Factor Authentication plugin supports four widely accepted two-factor authentication (2FA) to increase account security. They work by adding a seamless but more secure step to the authentication process, so that users don't have to rely only on their passwords.
During the first use, it's necessary to link the app and account either through a QR Code or a secret key. Google provides a step-by-step guide about this.
The login page asks for a unique code, which is sent to the e-mail registered by the user when they try to sign in.
Similar to the previous one, this method sends to the user a link that allows the login. The link is unique, so it expires after a set amount of time (the duration can be changed in the General tab).
Mobile Phone SMS
In order to access the account, the user has to input a code which is sent by SMS (short message service) to his/her mobile. This message is generated by the reliable Amazon SMS service (AWS SNS), which boasts compatibility with most countries.