This plugin has no regard for the security of players who use 2FA. This plugin will store passwords IN PLAIN TEXT, which is terrible practice, insecure, and leaves the players using 2FA at risk. The latest addition of "/2fa password <player>" allows the administrators to view player passwords at any times (and the passwords can be stolen from the file in which they are saved). I HIGHLY recommend that you find another solution that properly hashes passwords, or uses another 2FA system like Google 2FA. I would not recommend using this plugin even as a last resort.