Two-factor authentication is a level of protection for a user account during authentication. When attempting to login, the user is sent a one-time link to log into the account.
Two-factor authentication is enabled and disabled in each user's profile separately. So one user may have it enabled, while another may not.
By default, two-factor authentication is disabled for users on the front end. To enable it, go to the "Settings" section and enable "Authorization confirmation for users".
Regardless of whether a two-factor authentication message has been received, entering confirmation is mandatory.
Remember that if you do not set a two-factor authentication message template, the message will not arrive. The message is configured in the "Messages" - "Two-factor authentication" section.
