In this article, we will implement two-factor authentication (2FA) for a Strapi CMS application using email-based OTP verification and Time-based One-time Password (TOTP) via authenticator apps. The goal is to improve user account security by adding an extra layer of protection beyond traditional passwords. We will cover both backend and frontend development to provide a complete authentication experience.