# Turn on MFA password secondary authentication

Multi-factor authentication (MFA) is a security system that is a secondary authentication for verifying the legitimacy of an operation. For example, a bank’s USB, remote login requires mobile phone SMS verification. This article introduces a 6-digit password (TOTP) multi-factor authentication method that dynamically changes over time.

# Pre-work

If you do not have an Authing account, please register (opens new window) an Authing account, [create a user pool](/quickstart/create-authing-account.md#authing-user pool) And [create an application](/quickstart/create-authing-account.md#create your first application).

# Enter user personal center

Visit https://<your application domain name>.authing.cn to log in. Then visit https://<your application domain name>.authing.cn/u to enter the user center.

# Bind MFA

Click MFA Binding on the left, open Google Authenticator / Microsoft Authenticator on your phone and scan the code to add MFA. This article uses Microsoft Authenticator to add MFA.

As shown, select another account.

After scanning the code, the MFA is automatically added, and you can view the MFA just added in the list.

Click Next in the user center, enter the dynamic password displayed on the newly added MFA, complete the confirmation binding, and click "Next".

View MFA password on mobile

Enter the MFA password on the binding page

Be sure to save the recovery code shown here safely. If you lose your MFA in the future, you can use this recovery code to restore account access. Click "Next".

The binding is successful.

# Unbind MFA

Click "Unbind" to unbind MFA.

# Login with MFA password

Log out from the application first: https://<your application domain name>.authing.cn/oidc/session/end, then visit https://<your application domain name>.authing.cn, use Log in with an account that has been bound to MFA, and you will be prompted to enter a security password for secondary authentication.

Enter the correct password, complete the secondary authentication, and log in.

The second authentication is successful.