Default will send an email with a login code, to the address in your admin user record.
You can also set up an Authenticator app on your smart phone, we recommend Google Authenticator. Here’s how to activate the app:
Go to your profile in WordPress – after you login as admin, your name shows at the right end of the black bar at the top of each screen. Hover over that and choose your profile.
At the bottom of your profile are options for 2-factor login security. By default the email option is selected. Don’t unselect this option, as it is a good fall-back. Do select the Time Based Onetime Password option and make it the default.
A QR code will appear. Using your authenticator app, add a new site (tap the plus button in Google Authenticator), choose to scan a QR code.
Enter the current 6 character code from your phone into the field in your WordPress profile. Your profile should update when you click the button.
Test it by logging out and then login again. You can always fall back to the emailed code via the link at the bottom of the login screen.