Roasted 2FA (Two Factor Authentication) is a security plugin to increase the security of your NopCommerce administration panel. The plugin blocks access to admin areas of your NopCommerce store by asking an additional One Time Passcode, in addition to regular email/username and password authentication.
Use the configuration page of the plugin to understand how to use the plugin. The passcode can be generated using an application like Google Authenticator or Authy. The main features of the plugin are as follows.
While it's OK to use email and password for authentication, sometimes a hacker may gain access to your credentials using certain tools like keylogger or other similar tools. What this plugin does is sets up a two factor authentication for each administrator of the NopCommerce website. That authentication mechanism requires you to enter a onetime passcode that expires every 30 seconds. The beauty is that the passcode is unique for each customer. That's why even if hacker gets your administrator email/username and password, he'll still have to go through another barrier of One Time Passcode which'll only be generated on your mobile application.
The plugin is available for FREE.