Commit

update README.md
emargareten committed Mar 1, 2023
1 parent 6b0587a commit ea9af0d
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions README.md
Expand Up @@ -5,7 +5,11 @@
[![GitHub Code Style Action Status](https://img.shields.io/github/actions/workflow/status/emargareten/two-factor-laravel/fix-php-code-style-issues.yml?branch=master&label=code%20style&style=flat-square)](https://github.com/emargareten/two-factor-laravel/actions?query=workflow%3A"Fix+PHP+code+style+issues"+branch%3Amaster)
[![Total Downloads](https://img.shields.io/packagist/dt/emargareten/two-factor-laravel.svg?style=flat-square)](https://packagist.org/packages/emargareten/two-factor-laravel)

Two-Factor-Laravel is a package that implements two-factor authentication for your Laravel apps using one-time passwords (TOTP).
Two-Factor-Laravel is a package that implements two-factor authentication for your Laravel apps.

If enabled, the user will be required to enter a six digit numeric token during the authentication process. This token is generated using a time-based one-time password (TOTP) that can be retrieved from any TOTP compatible mobile authentication application such as Google Authenticator.

You can also retrieve the current one-time password and send it to the user via SMS/email.

## Installation
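
Review bot: The last added sentence in this hunk ("You can also retrieve the current one-time password and send it to the user via SMS/email.") advertises SMS/email delivery without the caveat that the README only gives further down, in the note about raising the window config. Suggest pointing to that note from here, or saying in the same paragraph that delivered codes need a larger window. Minor wording in the paragraph before it: "six digit" and "TOTP compatible" should be hyphenated, and "This token is generated using a time-based one-time password (TOTP)" reads as if the token and the TOTP were two different things; "This token is a time-based one-time password (TOTP)" is clearer.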

Expand Down Expand Up @@ -74,7 +78,8 @@ class TwoFactorAuthenticationController extends Controller
}
```

After enabling two-factor authentication, the user will need to confirm two-factor authentication by entering the one-time password generated by their authenticator app (or sent to them via SMS/email). You should provide a way for the user to do this. For example, you could provide a view that displays the QR code and secret key for the user to scan into their authenticator app:
After enabling two-factor authentication,
the user must still "confirm" their two-factor authentication configuration by providing a valid two-factor authentication code. You should provide a way for the user to do this. For example, you could provide a view that displays the QR code and secret key for the user to scan into their authenticator app:
```php
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
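
Review bot: The rewritten paragraph breaks mid-sentence after "After enabling two-factor authentication," so one sentence is split across two source lines for no reason; join them. The new wording also drops "(or sent to them via SMS/email)", so the confirmation step now describes only the authenticator-app flow even though the introduction added in this commit says codes can be sent by SMS/email. Suggest keeping that clause, for example "by providing a valid two-factor authentication code from their authenticator app (or sent to them via SMS/email)".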
Expand Down Expand Up @@ -128,7 +133,7 @@ $user->getCurrentOtp();
```

> **Note**
> When sending the one-time-password via SMS/email, you should set the window config to a higher value, i.e. 10, to allow the user to enter the one-time password after it has been sent.
> When sending the one-time-password via SMS/email, you should set the window config to a higher value, to allow the user to enter the one-time password after it has been sent.
You should also provide a way for the user to disable two-factor authentication. This can be done by calling the `disableTwoFactorAuthentication` method on the user model:
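
Review bot: Removing "i.e. 10" from the note leaves "a higher value" with nothing to measure it against: the README lines shown here do not say what unit the window config is in or what its default is. Suggest keeping a concrete example value, or documenting the unit and default next to this note, and adding that a larger window also lengthens the time during which each code is accepted, so it should be set no higher than the delivery delay requires.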
