There are multiple modules available in the appstore that implement some form of 2-factor authentication (for example HOTP or TOTP). You can try some of these in your app to see whether they fulfill your needs and whether they are compatible with the version of Mendix that you’re using.
The science behind OTP verification is not super difficult. If you want you can make your own implementation in Mendix. Wikipedia (https://en.wikipedia.org/wiki/One-time_password) would be a good starting point to read into it.