With Duo Security you can use Multi-Factor Authentication (MFA) with your WordPress installation.
Duo Authentication Proxy
The Duo Authentication Proxy sits between your WordPress installation and the connected Active Directory. Each authentication request from NADI is intercepted by the proxy, then asking for MFA credentials.
Install the Duo Authentication Proxy as described in their documentation.
After the installation, set up your NADI Environment configuration:
Domain Controllers|IP of the host you have Duo Authentication Proxy installed to|
Allow self-signed certificates|probably Checked or configure x.509 certificates for LDAPS|
LDAP network timeout|60|
Base DN|Must match with your Duo Proxy’s
After NADI has been set up, you can try to log into WordPress with one of your Active Directory users. Duo-enabled users are now required to enter their additioanl MFA credentials.