# Turn on MFA password secondary authentication
Multi-factor authentication (MFA) is a security system that is a secondary authentication for verifying the legitimacy of an operation. For example, a bank’s USB, remote login requires mobile phone SMS verification. This article introduces a 6-digit password (TOTP) multi-factor authentication method that dynamically changes over time.
# Pre-work
If you do not have an Authing account, please register (opens new window) an Authing account, [create a user pool](/quickstart/create-authing-account.md#authing-user pool) And [create an application](/quickstart/create-authing-account.md#create your first application).
# Enter user personal center
Visit https://<your application domain name>.authing.cn
to log in. Then visit https://<your application domain name>.authing.cn/u
to enter the user center.
# Bind MFA
Click MFA Binding on the left, open Google Authenticator / Microsoft Authenticator on your phone and scan the code to add MFA. This article uses Microsoft Authenticator to add MFA.
As shown, select another account.
After scanning the code, the MFA is automatically added, and you can view the MFA just added in the list.
Click Next in the user center, enter the dynamic password displayed on the newly added MFA, complete the confirmation binding, and click "Next".
View MFA password on mobile
Enter the MFA password on the binding page
Be sure to save the recovery code shown here safely. If you lose your MFA in the future, you can use this recovery code to restore account access. Click "Next".
The binding is successful.
# Unbind MFA
Click "Unbind" to unbind MFA.
# Login with MFA password
Log out from the application first: https://<your application domain name>.authing.cn/oidc/session/end
, then visit https://<your application domain name>.authing.cn
, use Log in with an account that has been bound to MFA, and you will be prompted to enter a security password for secondary authentication.
Enter the correct password, complete the secondary authentication, and log in.
The second authentication is successful.