Two Factor Auth is a WordPress plugin by oskarhane that adds extra security to your WordPress login with this two factor auth. Users trying to login will be prompted with a page to enter a code that was emailed to them.
When the user type the correct code in the text field the user gets logged in. If the users enters the wrong code, he/she comes back to the regular login page and have to start over again.
With this security added, no one can just guess your password and get logged in, they must have control over your email account as well.
XMLRPC users will not be affected, this is just for the login to admin pages.
Plugin homepage: http://oskarhane.com/plugin-two-factor-auth-for-wordpress