> For the complete documentation index, see [llms.txt](https://oten.gitbook.io/identity-support/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://oten.gitbook.io/identity-support/support/support-center/how-to-use-mfa-to-protect-your-account.md).

# How to use MFA to protect your account?

Q: What is Multi-factor authentication (MFA)?

A: It’s an extra layer of security for your account. When you sign in, you'll need your password plus a second verification step, like a code from your email or an app.

***

Q: Why should I use MFA?

A: It helps protect your account even if someone else finds out your password.

***

Q: Where can I manage my MFA settings?

A: Go to Settings → Security → Sign-in settings.

***

Q: What are my sign-in method options?

A:

1. Email verification: This is the default method. A 6-digit code is sent to your email. It is always active and cannot be turned off.
2. Authenticator app (TOTP): You can use an app like Google Authenticator or Authy to generate secure 6-digit codes that change every 30 seconds.

***

Q: How do I set up an Authenticator app?

A:

1. Under "Sign-in settings," select Authenticator app and tap Set up.
2. Scan the QR code that appears using your authenticator app.
3. Enter the 6-digit code from your app into Oten and tap Verify.

***

Q: What will logging in look like with MFA enabled?

A: It's a two-step process:

1. Enter your email and password.
2. Enter the 6-digit code from your email or authenticator app.

***

Q: What if I lose my phone or can't access my authenticator app?

A: You can select Regenerate QR in your settings. This will let you set up a new app, but you must verify your identity via email first.

***

Q: How do I remove an authenticator app?

A: Simply select the Remove option for that method. (Note: If MFA is required for your account, you must keep at least one method active).

***

Q: Do you have any security tips for MFA?

A:

* Always keep at least one backup method active.
* Never share your verification codes with anyone.
* If you see suspicious activity, check Settings → Security → Devices and remove any you don't recognize.
