The `user_2fa_otp_config` module provides opt-in, configuration, and viewing of Two-Factor Authentication via One-Time-Password (2FA/OTP) settings. In order to allow users access to 2FA/OTP, the system must be properly configured. See [Security](/docs/configuration/security.md) for more information.
:information_source: By default, the 2FA/OTP configuration menu may only be accessed by users connected securely (ACS `SC`). It is highly recommended to leave this default as accessing these settings over a plain-text connection could expose private secrets!
A template system is also available to customize registration emails and the landing page.
#### Emails
Multipart MIME emails are send built using template files pointed to by `users.twoFactorAuth.otp.registerEmailText` and `users.toFactorAuth.otp.registerEmailHtml` supporting the following variables:
*`%BOARDNAME%`: BBS name.
*`%USERNAME%`: Username receiving email.
*`%TOKEN%`: Temporary registration token generally used in URL.
*`%REGISTER_URL%`: Full registration URL.
#### Landing Page
The landing page template is pointed to by `users.twoFactorAuth.otp.registerPageTemplate` and supports the following variables:
*`%BOARDNAME%`: BBS name.
*`%USERNAME%`: Username receiving email.
*`%TOKEN%`: Temporary registration token generally used in URL.
*`%OTP_TYPE%`: OTP type such as `googleAuth`.
*`%POST_URL%`: URL to POST form to.
*`%QR_IMG_DATA%`: QR code in URL image data format. Not always available depending on OTP type and will be set to blank in these cases.