2-factore authentication other than login
after clients log in, can we have some facility such as API using 2-factor authentication functions for other important transactions? this is much similar to what banks do when you want to transfer money from one account to another, they will send a passcode to the registered cell phone as verification.
Here is my use case: for certain operations in client area UI, for
example to manage servers from other plugins, before allowing users to
proceed, I would like to ask user to provide some sort of second
credential that whmcs supported in 2-factor authentication such as a
passcode generated every 30 seconds or texted to the user's cell phone.
This is different from login as it happens after users have logged in.