2-Step Authentication is becoming more and more prevalent. Not having it on a WordPress website simply doesn't make sense. Anyone who has a WordPress website should install the Google Authenticator plugin for their 2-Step Authentication protection.
I did recently have an issue, with newly added Man in the Middle protection, but Henrik took it upon himself to locate the problem and find a solution. He will be providing additional info, via an FAQ, so this issue doesn't resurface, for others.
While I am now rating this plugin 5 Stars, I do have a feature suggestion. Even with this plugin installed, not all users, are electing to use the Google Authenticator 2-step Authentication, to protect their account. Those users, not using it, get confused, when accessing the login screen, because the login screen still asks them for the Google Authenticator Code, even if they aren't using it. While I understand this issue is explained for them, in a tool-tip, it seems a slightly different process could be better used. I would suggest that the 2-Step Authentication not occur on the same screen as the username/password, but in a screen after the username/password has been entered/validated. Then the Authentication screen could be displayed only for those users electing to use it, which is how most apps use 2-Step Authentication, anyway.