# Setting up Multi-Factor Authentication (MFA)

### Prerequisites

* A smartphone with an authenticator app installed
* Access to your account settings on CISO Assistant

### Enable MFA

1. Sign in to your account and navigate to 'My profile'

<figure><img src="/files/uZvEGHZw8YbRs9IebQO1" alt=""><figcaption></figcaption></figure>

1. Select the 'Settings' button
2. Look for the Security section and click 'Enable 2FA'
3. Set up your authenticator app:

   * Open your authenticator app on your smartphone
   * Scan the QR code displayed on your screen
   * Alternatively, you can manually enter the provided secret code into your authenticator app

   <figure><img src="/files/ivubmocuWcEOSNn1ggu9" alt=""><figcaption></figcaption></figure>
4. Enter the 6-digit verification code shown in your authenticator app
5. Click 'Enable 2FA' to complete the setup

### Important: Save Your Recovery Codes

After enabling MFA, you'll receive a set of recovery codes. These codes are crucial for regaining access to your account if you:

* Lose your phone
* Uninstall your authenticator app
* Cannot access your authenticator app for any reason

{% hint style="warning" %}
**Security Warning**:

* Store your recovery codes in a secure location, separate from your password
* Each recovery code can only be used once
* Never share your recovery codes with anyone
* Consider storing a copy both digitally (in a password manager) and physically (printed in a secure location)
  {% endhint %}

<figure><img src="/files/v17Q3OgZuaAN4S1a6F2k" alt=""><figcaption></figcaption></figure>

### Next Steps

* Test your MFA setup by logging out and back in
* Reach out for support if you encounter any issues during setup

## Enforce MFA for all users

Starting v3.13.0 you can now enforce MFA for all users by enabling this flag. Users will see a persistent redirct to MFA configuration page until it is done. The feature doesn't interfere with SSO as long as the user doesn't have both a local account andd an SSO one.

<figure><img src="/files/D69vaaT86I8QuMkg7XHx" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://intuitem.gitbook.io/ciso-assistant/features-focus/setting-up-multi-factor-authentication-mfa.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.