This authentication method is also based on the principle of Time Based One Time Password (TOTP). In this 2FA method, the user is first asked to configure their mobile phone, then an OTP is sent on the registered mobile number and the user has to enter the OTP to log into the application. The OTP is time-based i.e. it is valid for only a certain period of time. Once it expires, the user can not use it to get access to the application, the user has to request a new OTP.

For using OTP Over SMS as an authentication method, you have to configure a SMS gateway in the plugin. A SMS gateway is basically a system that handles sending the SMS to the specified mobile numbers.

There are two options in the plugin for configuring SMS gateway. This setting can be found in the Advanced Settings tab of the plugin.

  1. miniOrange Gateway
  2. Custom Gateway
    You can find more details about these two gateway’s here.