but if I as admin give them the key and they come only through the key in the WordPress site.
This would require that they first have to set everything with the key and the app from Google before they log into WordPress.
So I have no way as admin to determine that the users should all use 2FA?
