Two Factor Authentication
Allow users to log in with Two-Factor authentication devices such as Google Authenticator or Authy.
Enable Two Factor
This enables Two Factor on your WordPress site.
Minimum role at which a user can use two-factor authentication.
For more information on WordPress roles and capabilities please see http://codex.wordpress.org/Roles_and_Capabilities.
Warning: If your site invites public registrations setting the role too low may annoy your members.
Once two-factor authentication has been activated within iThemes Security Pro, any applicable user can then activate the feature for their own account by editing their profile. To override two factor authentication to restore access to an account a site admin can edit the user's profile.
Server Time Offset
Set the server time allowance.
Two-factor authentication is completely dependent on the correct time being set on your server. Normally your server time must be correct within 30 seconds. If your server time is off by up to 5 minutes you can still make it work however by adjusting the offset field which will compensate for incorrect time in 30 second increments. Do not adjust this settings unless you have to.