@toondg, Thank you for reaching out to us.
By default, only admins are allowed to use 2FA, or super-admins on multisite installations. You can enable 2FA for other roles on the site, and each user can manage their own 2FA devices. Non-admin users will see a separate Login Security menu on the WordPress menu when you enable 2FA for their roles.
https://www.wordfence.com/help/login-security/ is an amazing resource for learning more about 2FA.
Thank you for your reply. I checked that page previously, but apparently I missed this section:
“By default, users must be able to see wp-admin pages in order to set up 2FA. If you use WooCommerce, you can enable “Show Wordfence 2FA menu on WooCommerce Account page” to allow the Customer role to see the 2FA settings on their account page. If you use a membership or forum plugin that does not allow low-privileged roles to see wp-admin, you can enable “2FA Management Shortcode”, and place a shortcode on the user’s account page. In some cases, using these options may require CSS changes, if the color or layout of the form needs to be adjusted. We recommend checking any customized pages while logged in as a customer or subscriber (or any other low-privileged user), when enabling this option.”
I just tried the [wordfence_2fa_management] shortcode, and it shows up on a custom page.