To enable Multi-Factor Authentication (MFA) your security enabled user should navigate to the security settings screen. Note that only the users with security settings will see this interface.
Admin > Security Settings.
1. Define which roles require authentication. Best practice is to protect high access roles - specifically admin and user. Other option include review, view and contact web access (if you have given a contact access to the customer portal).
2. Define how often your users should authenticate. As long as they are accessing the system from the same IP address, the authentication will be maintained.
If a user is trying to access the system, and is unable to receive the authentication email, a user with security permission can override the setting. This must be manually set and unset. This option is ONLY available to users with the security permission.
The user email (with the authentication code) is a system specific email, and cannot be edited. The customer facing template can be changed.