# MFA-Email verification codes ### Scope This section explains how **email verification codes** work as a Multi-Factor Authentication (MFA) method for personal accounts, including: * When email-based MFA is enabled * How the verification flow works during sign-in * What users should expect after enabling MFA > πŸ“Œ This guide applies only to **email-based MFA**. Other MFA methods (Authenticator App, Passkey) are documented separately. *** ### I am new. Where should I start? If you want to add an extra layer of security to your account without installing additional apps, **email verification codes** are the easiest way to start. When you enable **Multi-Factor Authentication (MFA)** in your account settings: * **Email verification is automatically enabled by default** * No additional setup is required *Security overview – MFA enabled, email listed as active method*\ \&#xNAN;*(example:* `/security` *page showing MFA enabled status)*
*** ### Purpose Email verification codes help protect your account by requiring **a one-time code sent to your email** after you enter your password. This ensures that: * Even if someone knows your password, they cannot sign in without access to your email * Account access remains under your control *** ### Prerequisites Before using Email verification codes for MFA, make sure that: * Your account email address is verified * You can access your email inbox * MFA is enabled in **account security settings**
*** ### I already understand. How do I proceed step by step? #### Step 1: Enable Multi-Factor Authentication 1. Go to **Account β†’ Security** 2. Turn on **Multi-Factor Authentication** βœ… Once MFA is enabled, **email verification is automatically activated**\ (No additional configuration is required) *** #### Step 2: Sign In with email and password 1. Open the **Sign In** page 2. Enter your email address and password 3. Click **Sign In** *** #### Step 3: Verify with email code (second step) * Select **email** as the verification method.
* Check your email inbox for the verification message. **Note**: If you do not receive the verification code, see [What should I do if I don't receive a verification code when signing up or forgot password?](https://silvertiger.atlassian.net/wiki/spaces/QD/pages/193331260) * Enter the verification code provided.
βœ… Sign-in is completed automatically once the code is validated. *** ### What happens if I don’t receive the email? If you don’t see the verification email: * Check your s**pam / junk** folder * Make sure your email address is correct * Wait a few seconds and request a new code πŸ”— See: [*What should I do if I don't receive a verification code when signing up or forgot password?*](https://silvertiger.atlassian.net/wiki/spaces/QD/pages/193331260) *** ### Security notes * Email verification codes are **one-time use** * Codes expire after a short period for security reasons * Verification is required **each time you sign in** when MFA is enabled * Email MFA can be combined later with: * Authenticator App (TOTP) * Passkeys (FIDO2 / WebAuthn) *** ### Summary | Item | Description | | ---------------- | -------------------------------------------- | | MFA method | Email verification codes | | Setup required | None (enabled automatically with MFA) | | Used during | Sign-in after password | | Delivery channel | Registered email address | | Security level | Medium (recommended baseline) | | Best for | Users who want simple MFA without extra apps | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://oten.gitbook.io/identity-support/user-guide/account-management/account-security/multi-factor-authentication-optional/mfa-email-verification-codes.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.