MFA Guide

What is MFA

Multi-factor authentication (MFA) is a layered approach to securing online accounts. MFA requires users to provide two or more independent credentials to verify their identity.

Something You Know

A password, PIN, or answer to a security question.

Something You Have

A security token, smartphone, or physical hardware key.

Something You Are

Biometric verification like a fingerprint or facial recognition.

Types of MFA

Hardware Tokens: Devices like Yubikey or Nitrokey.

Phishing-resistant.
Does not require a battery or internet connection for the token itself.
Highly recommended for high-risk accounts.

How To Enable MFA

App MFA (TOTP) Setup

Log in to your account and navigate to Settings.
Go to Security & Privacy (or similar).
Enable or set up Multi-Factor Authentication (MFA).
Select “Mobile App” or “Authenticator App”.
Scan the QR Code with your chosen authenticator app.
Securely store the MFA “seed” or “secret key” in your password manager.
Download Backup Codes and store them in a secure, offline location.

Hardware Token (U2F) Setup

Log in and go to Security Settings.
Select “Add Hardware Key” or “Security Key”.
Insert your hardware token into the USB port or tap via NFC.
Touch the gold disk or button on the key when prompted.
Add a second backup key if possible, to avoid being locked out if one is lost.

Aegis (Android): Open-source, local backups, highly customizable.
2FAS (iOS/Android): Easy to use, iCloud/Google Drive backup options.
OTP Auth (iOS): Feature-rich with Apple Watch support.