In case pragmarx/google2fa-laravel package was not installed during plugin installation, add "pragmarx/google2fa-laravel": "^0.1.4" to composer.json in your project root directory and run

composer update

To set up 2-factor authentication there are 3 main steps with 3 corresponding components.

TwoFactorActivate

Screenshots 1, 2. This component displays QR-code and input to enter the one-time password. User will need to scan QR-code by 2-factor password generator app (Google Authenticator) wich will generate a 6-digit code. After entering it and activating user will get message about successful activation and set of recovery passwords that he needs to save to be able to access his account in case he losts his auth device.

OneTimePasswordForm

Screenshot 3, 4. This form needs to be shown after user signed up if he got 2-factor authentication active. Here he will enter 6-digit code from 2-factor password generator app to access his account.

TwoFactorProtector

Screenshot 5. This component checks if user got 2-factor authentication activated and if yes - restricts access to the pages. The component is convenient to place in layout to protect all layout pages at once. Component will work only with RainLab.User Session component. There is option to select wich pages don't need to be protected: if your login page and page with OneTimePasswordForm use the same layout you need to add them to the 'except' componet field so they will be not protected and available for not logged in users. Also any pages for not logged users from current layout need to be added here.