!!Enterprise Licenses Only

OTP settings\\
\\
This settings allows you to configure two factor authentication.  Before two factor authentication will even be considered, you must set the flag "otp_validated_logins" in your prefs.XML file to true.\\
\\
!1. SMS based:

 - You must have a twilio account.
Using Twilio: https://www.twilio.com/

\\
The ACCOUNT SID as username and AUTH TOKEN as password:\\
[twilio3.png]
\\
Url : 
{{{
https://{otp_username}:{otp_password}@api.twilio.com/2010-04-01/Accounts/{otp_username}/Messages.json
}}}\\
\\
API post :
{{{
To={otp_to}&From={otp_from}&Body={otp_token}
}}}\\
\\
Provide your twilio phone number. Checking the "Validated Logins?" will enable to use otp in user login.\\
\\
[otp_sms.png]\\
\\
The config will be used only for users which have a phone number and the "Two factor SMS authentication" flag enabled in the User Manager.\\
\\
[otp_user_settings.png]\\
\\
!2. Email based:

Email usage requires a SMTP server configured in the Preferences, General Settings area.\\
\\
Url : SMTP \\
(Just those 4 uppercase letters, nothing else.)
\\
[otp_email.png]\\
\\
The config will be used only for users which have an email and the "Two factor OTP/SMS authentication" flag enabled in the User Manager.\\
The email can be customized by creating an email template: "Two Factor Auth"\\
This step is required.
\\
[otp_email_template.png]\\
\\
Variable for the one time password : {auth_token}\\
\\
\\
OTP's mainly for Webinterface logins, variants like Google Authenticator TOPT would be straight meaningless for FTP, SFTP, since it's impossible enroll anyways. 
A hidden flag in __prefs.XML__ controls for which protocols OTP should be enabled by default
{{{
<twofactor_secret_auto_otp_enable_protocols>ftp,ftps,sftp,http,https,webdav</twofactor_secret_auto_otp_enable_protocols>
}}}
\\