MFA-Authenticator apps (TOTP)

This section explains how to use Authenticator Apps (TOTP) as a Multi-Factor Authentication (MFA) method, including:

  • How to set up an authenticator app

  • How TOTP verification works during sign-in

  • What happens after successful setup

📌 This guide covers Time-based One-Time Password (TOTP) authentication only. Email-based MFA and passkeys are documented separately.


I am new. Where should I start?

If you want stronger security than email codes, authenticator apps are recommended.

An authenticator app:

  • Generates a time-based one-time code on your device

  • Works even without internet access

  • Is harder to compromise than email

Common authenticator apps:


Purpose

Authenticator-based MFA adds a second security factor by requiring a temporary code generated on your personal device, ensuring:

  • Only users with physical access to the device can sign in

  • Protection against phishing and email compromise

  • Compliance with higher security requirements


Prerequisites

Before setting up an authenticator app, make sure that:

  • Your account is created and signed in

  • Multi-Factor Authentication (MFA) is enabled

  • You have installed an authenticator app on your mobile phone or tablet


I already understand. How do I proceed step by step?

Step 1: Enable Multi-Factor Authentication

  1. Go to Account → Security

  2. Turn on Multi-Factor Authentication

⚠️ Email verification is enabled by default when MFA is turned on. Authenticator App is an additional method you can add.


Step 2: Set Up Authenticator App

  1. In Security → Multi-Factor Authentication

  2. Select Authenticator App

  3. Click Set up authenticator app

  4. Turn on Authenticator app


Step 3: Scan QR Code

  1. Open your authenticator app on your device

  2. Choose Add account

  3. Scan the QR code shown on the screen

If you cannot scan the QR code, you can manually enter the setup key.


Step 4: Verify Setup

  1. Enter the 6-digit verification code generated by the authenticator app

  2. Click Confirm

✅ Authenticator App MFA is now successfully enabled.


Sign-In Flow with Authenticator App

Once Authenticator MFA is enabled:

  1. Enter your email and password

  2. Select Authenticator App as the verification method

  3. Open your authenticator app on your mobile phone or iPad. If you have not installed an authenticator app, install one before continuing.

  4. Enter the verification code displayed in the app.

  5. Sign-in completes automatically after successful verification.


Security Notes

  • TOTP codes refresh every 30 seconds

  • Codes are single-use and time-limited

  • Authenticator apps work offline

  • You can keep Email MFA enabled as a backup method

  • You can remove or reset the authenticator app from Security settings


Troubleshooting

Lost your device?

  • Use Email verification (if enabled) to sign in

  • Reset MFA from account security settings

Code not working?

  • Ensure your device time is set automatically

  • Wait for the next code refresh and try again


Summary

Item               Description
MFA Method         Authenticator App (TOTP)
Setup Required     QR code or manual key
Used During        Sign-in after password
Internet Required  No
Security Level     High
Best For           Users needing stronger account protection
