These settings cover the following restrictions:
- Enable or disable logging in to the web interface with a password (without it, you need a third-party authentication provider such as Google)
- Enable or disable password authentication for Git over HTTPS (without it, a personal access token is needed)
- Enable or disable two-factor authentication (with a grace period that determines how long a user can wait during configuration)
It is possible to use a hardware token device as a second factor, as you can see in the following screenshot (this only works in Chrome):
You can also choose to use a code generator app such as Google Authentication:
You can also set a home page URL here, which is where non-logged-in users will be redirected to. In the same way, you can define an after-sign-out path, where users will be led to when they sign out.
Finally, it's also possible to set a standard sign-in text to be visible on the login page.