> For the complete documentation index, see [llms.txt](https://docs.cloudplans.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.cloudplans.io/user-management/mfa.md). # MFA Cloud Plans can work with normal \ users, but we strongly recommend you to enable MFA in your Account as we recommend to require MFA in most of the Organization operations. MFA is used to authenticate if the identity of a user is genuine. It requires a user to present two or more pieces of evidence, or factors, for authentication. A key goal for MFA is to add additional authentication factors to increase security. The well-designed multi-factor authentication strategy strives to maintain a balance between added security and user convenience. The primary objective of multi-factor authentication is to reduce the risk of account takeovers and provide additional security for users and their accounts. Since [over 80% of cyber breaches](https://enterprise.verizon.com/en-gb/resources/reports/2020-data-breach-investigations-report.pdf) happen due to weak or stolen passwords, MFA can provide added layers of security necessary to protect users and their data. If one of the factors such as a user’s password is stolen or breached, the other factors provide an additional layer of security and assurance of the user identity. Organizations use MFA for a variety of reasons. Three primary purposes of MFA implementation include: Security: Enhancing the security and safety of business information and operation is the chief purpose of multi-factor authentication. The strength of a technological safety system depends on the number of layers or factors incorporated in the software. Systems using two or more authentication factors are considered safer than others. Usability: Working with MFA provides an opportunity to eliminate the use of passwords. The average user has in excess of 40 mobile apps and managing to remember complex passwords for each account is a challenge for most users. Password managers do help however for most users, resetting their password is a common event that adds unnecessary and unwelcome friction to accessing online accounts. Compliance: MFA can be a chief requirement for complying with specific industry regulations. Many states or local rules already state that organizations should utilize multi-factor authentication under some circumstances. Organizations are required to comply with these regulations to avoid potential fines and minimize audit findings. To start using MFA: * Login into the console * Click on \
* Just toggle the enable/disable MFA button
* If it waas dissabled, you will be prompted to:
* 3 simple steps: 1. Scan a QR with your MFA favorite application (MS Authenticator, Google Authenticator, Authy...) 2. As Soon As Possible introduce the current code your Application shows you into the text field for the current code 3. Click on \ * Next time you Access the Console you will be prompted to enter the MFA after the password challenge. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.cloudplans.io/user-management/mfa.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.