The use of Two-Factor Authentication increases the security of the Virtualmin web interface by going beyond using a simple password.
How to ensure that all users or a group of users can access Virtualmin with 2FA enabled, without first having access to Virtualmin configurations or without using Google Authenticator? In this case, by using PluginTOTP.
Below how to proceed:
Use the secret code you obtained in the previous step as the value of PluginTOTP 'secret' parameter.
Example:
{totp secret="HFAYNXE6DSHVH5XJ" interval="60" issuer="MY TIKI"}
Please see PluginTOTP for more information.
Finally, use the token generated by the PluginTOTP or by Google Authenticator, in case you scan the QR code, to connect to Virtualmin, after the Username and Password step.