2FA in Joomla - Implementations
There are of course a couple more methods available, but we didn't find enough time to try them all. Most probably a couple more methods will be tested and described in the near future so check back often to find out what we have.
Joomla core implementations
The Yubikey is a physical device (cost price of 25€ at the time of writing this article) which can be used to generate your second authentication token. You need to have it on the USB port of the device you are using to log in, otherwise it won't work.
Another second authentication device can be Google Authenticator, which is created and maintained by (not surprisingly) Google. This app can be used on a lot of Android devices, but as the secret key changes every 30 seconds you need to have your device with you so again the "you HAVE something" theorem is respected.
Joomla component implementations
A third 2FA feature is logging in through Clef, a brand new authentication method. Even if it's quite new, there is already a Joomla implementation avialable (through a component - you need to provide your mailaddress before you can download the component), so we describe the installation and configuration process for this one in a specific article on Clef 2FA in Joomla.