Take a look at the Multifactor Authentication Module in the Mendix Marketplace.
This allows two-factor authentication via email, SMS, Google Authenticator, etc.
Hope this helps and good luck with your implementation!
you can use OTP Integration which works by REST APIs. there are several present on web.
What you have to do is, make an annonymous user which have only access to the login page only.
As soon as the annonymous user enters his/her name, the system should retrieve his phone number(if present) and generate an OTP(you can use randomizer or password generator widget) and send it through REST API’s. Now the System which generated the APIs knows the OTP,
we can easily compare the Entered OTP with the Sent OTP.
If both match, we can allow the user to login.
Hope it helps.