# Setup Multi-Factor Authentication As an open-appsec Premium Edition subscriber multi-factor authentication (MFA) is available for strong user authentication of your open-appsec web UI tenant. ## How to activate MFA / 2FA In order to activate 2FA for your tenant, please send us an email to and request activation, providing also your tenant ID or alternatively open a support request directly from your tenant. In the future you will also be able to activate this directly from the open-appsec web UI. Once 2FA was activated for a tenant, when any tenant user logs in who didn't use 2FA so far, he will be shown the QR code for registering the open-appsec 2FA authentication in his authenticator app (you can use e.g. the Google Authenticator or Microsoft Authenticator app for this) and be asked to confirm the correct registration in his authenticator app by entering a correct one time code from his authenticator app. From now on that user will be required to provide his one-time-code in addition to the regular sign-in, see screenshots below.

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.openappsec.io/setup-instructions/setup-multi-factor-authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.