@umerosie
The Two-Factor plugin will not stop email spam. You will need to implement a Captcha or reCaptcha feature to your contact forms on your website. However, if you want to make your website secure from hacking, the Two-Factor plugin will provide an extra layer of protection to your login. Instead of just providing a username and password, the Two-Factor plugin will also add another step to verify login credentials. This will ultimately prevent anyone who obtained your username and password from logging in because they will also need a verification code from the Two-Factor feature in order to gain access to the site. You can set up how you can receive the verification code, either through Email, Time Based One-Time Passwords (TOTP), FIDO Universal 2nd Factor (U2F) or Backup Codes.
To prevent email spam, you can use a Captcha and/or reCaptcha plugin. This will help prevent email spam from bots hitting your contact forms, it can also prevent comment spam from bots hitting your comment forms and it will prevent bots from trying to guess login credentials on your login forms. There are plenty of free all-in-one type Captcha plugins.
Hope this information was helpful.
Best,
Carm
