# Enable Multi-factor Authentication for a User Multi-factor authentication is more secure than a simple username-password combination. You can enable multi-factor authentication for a login to Platform9. With multi-factor authentication, a user is expected to provide a time-based one-time password to sign in, apart from the username and password. A time-based password is generated by a multi-factor authentication application (MFA app) such as Google Authenticator. Mobile users can install an MFA app such as Google Authenticator, Duo Mobile and Authy on their mobile phones. Laptop or computer users can install an MFA app such as Authy on their computers. {% hint style="info" %} **Info** **Note:** In general, multi-factor authentication is implemented as an organization-wide policy, rather than restricting multi-factor authentication to a select set of users. However, the policy must be configured individually for every user in the tenant for the organization. {% endhint %} To enable multi-factor authentication, follow the steps given below. 1. Log in to Clarity. 2. Click Tenants and Users in the left panel. 3. Click the Users tab. 4. Select the checkbox for the user to edit. 5. Click Manage MFA on the toolbar seen above the list of users. 6. Click ENABLE. 7. Scan the QR code that is displayed in the Manage Multi-Factor Authentication dialog box, with an MFA app such as Google Authenticator. 8. Enter the authentication code displayed to you by the MFA app on scanning the QR code. 9. Enter the next authentication code displayed to you by the MFA app. 10. Click Verify. 11. Click Enable. The MFA app is paired with the user account. The user can install the MFA app on his or her smart device or laptop to generate and use a time-based one time password to log in to Clarity UI. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.platform9.com/managed-openstack/5.8/authentication-and-authorization/authentication-enable-mfa-for-user.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.