Like any standard RADIUS implementation, Password Manager sends both the username and password for verification.
How RADIUS is configured results in the second part of that verification. Hence the 2FA – or two-factor authentication:
Factor 1: The username and corresponding password
Factor 2: Either a PIN, token, phone call, SMS text, or App prompt
Factor 1 is us sending username & password to RADIUS.
Factor 2 is RADIUS doing the second part in however it’s configured – OTP (one time password), PIN, etc.
Password Manager currently does not directly support Azure MFA. This functionality will be considered in an upcoming release of Password Manager. For now Azure MFA can be used if your RADIUS server is configured for Azure (such as Microsoft's Multi-Factor Authentication server).