Defines the two-factor module to authenticate customers.
This setting is not active by default.
Defines if customers should be allowed to login if they have no shared secret stored in their preferences and therefore are not using two-factor authentication.
Defines if the previously valid token should be accepted for authentication. This is slightly less secure but gives users 30 seconds more time to enter their one-time password.
Defines the customer preferences key where the shared secret key is stored.
This setting can not be deactivated.