> ## Documentation Index
> Fetch the complete documentation index at: https://planetscale.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Multi-factor authentication

> Multi-factor authentication (MFA) provides better safety for your databases and prevents unauthorized access to your user account. 

## Overview

MFA strengthens security by requiring two or more methods *(i.e. authentication factors)* to verify your identity.

PlanetScale allows users logging in with an email address and password to set MFA as a requirement for logging into the user account.

<Note>
  If you're authenticating via GitHub OAuth or [SSO](/security/sso), MFA settings will not be displayed.
</Note>

### Authentication providers

PlanetScale supports login with a unique *time-based one-time password (TOTP)* that is generated for your user account by using TOTP apps such as [1Password](https://support.1password.com/one-time-passwords/), [Authy](https://help.twilio.com/articles/19753413823643), or [LastPass Authenticator](https://lastpass.com/auth/).

## Enable MFA

You can enable MFA for your user account under your PlanetScale account settings.

<Steps>
  <Step>
    Go to your [PlanetScale account settings](https://app.planetscale.com/account) page.
  </Step>

  <Step>
    Find the **Security** row and click the **"Setup multi-factor authentication"** button.

    <Frame>
      <img src="https://mintcdn.com/planetscale-2/GA0k5H-MolPvBjDk/images/assets/docs/concepts/mfa/setup.png?fit=max&auto=format&n=GA0k5H-MolPvBjDk&q=85&s=759dc07f699bb12c7115b2b24ee035d6" alt="Click the &#x22;Setup MFA&#x22; button priority" width="3074" height="282" data-path="images/assets/docs/concepts/mfa/setup.png" />
    </Frame>

    This will bring up a pop-up modal with a *QR code* and some `recovery codes` that you will need to copy.

    <Frame>
      <img src="https://mintcdn.com/planetscale-2/GA0k5H-MolPvBjDk/images/assets/docs/concepts/mfa/recovery-codes.png?fit=max&auto=format&n=GA0k5H-MolPvBjDk&q=85&s=3f7c5e1ab150e3b48f164a04bfc6c237" alt="Pop-up modal with QR code and recovery codes priority" width="976" height="1522" data-path="images/assets/docs/concepts/mfa/recovery-codes.png" />
    </Frame>

    <Warning>
      Recovery codes are the only account recovery method accepted when MFA is enabled. If you lose both your TOTP app and the recovery codes, there is no way to regain access to your account.
    </Warning>
  </Step>

  <Step>
    Scan the QR Code with your preferred TOTP app and enter the generated code.
  </Step>

  <Step>
    Press **"Validate OTP"** to ensure that your application setup is correct.
  </Step>

  <Step>
    Once the generated code is validated, click the **Copy** button in the `recovery codes` section.

    <Frame>
      <img src="https://mintcdn.com/planetscale-2/GA0k5H-MolPvBjDk/images/assets/docs/concepts/mfa/copy.png?fit=max&auto=format&n=GA0k5H-MolPvBjDk&q=85&s=2a28f8791b68f85570d38818c99256b0" alt="Copy the recovery codes" width="1018" height="196" data-path="images/assets/docs/concepts/mfa/copy.png" />
    </Frame>

    <Tip>
      Recovery codes are only visible during the MFA setup process. Make sure the recovery codes are copied and saved some place secure before continuing.
    </Tip>
  </Step>

  <Step>
    Click **Done** to close the pop-up modal.
  </Step>
</Steps>

## Login with two-factor authentication

Once you've enabled MFA in your PlanetScale user account, the next time you login, you'll be prompted to enter your two-factor authentication (2FA) code.

* Use the **OTP code** generated by your preferred TOTP app to login to your PlanetScale account.

## Recovery code login

The `recovery codes` shown during MFA setup are **the only way regain access to your account** in the event that you lose the device that generates your authentication codes. PlanetScale will not accept any other method of authentication or identification.

You can use one of the `recovery codes` in the place of a TOTP token on the second screen during login.

## Disable MFA

<Warning>
  We strongly recommend that you do not disable MFA to avoid unauthorized access to your user account.
</Warning>

<Note>
  * Any devices setup with the QR code for your account will no longer be able to produce valid OTP tokens.
  * Any recovery codes that were generated when MFA was enabled will no longer be valid.
</Note>

You can disable MFA for your user account under your PlanetScale account settings.

<Steps>
  <Step>
    Go to your [PlanetScale account settings](https://app.planetscale.com/account) page.
  </Step>

  <Step>
    Click the **Disable** button next to *"Multi-factor authentication enabled"* in the **Security** row.

    <Frame>
      <img src="https://mintcdn.com/planetscale-2/GA0k5H-MolPvBjDk/images/assets/docs/concepts/mfa/disable.png?fit=max&auto=format&n=GA0k5H-MolPvBjDk&q=85&s=7e3ac87c9a3b1a1fd18d7419f757f0c5" alt="Click the &#x22;Disable&#x22; button" width="2418" height="214" data-path="images/assets/docs/concepts/mfa/disable.png" />
    </Frame>
  </Step>

  <Step>
    Enter an **OTP code** or one of the `recovery codes` generated by your preferred TOTP app to confirm.

    <Frame>
      <img src="https://mintcdn.com/planetscale-2/GA0k5H-MolPvBjDk/images/assets/docs/concepts/mfa/modal.png?fit=max&auto=format&n=GA0k5H-MolPvBjDk&q=85&s=c8315d37e641c8aa2b4200c14169cdb1" alt="Disable MFA pop-up modal" width="980" height="814" data-path="images/assets/docs/concepts/mfa/modal.png" />
    </Frame>
  </Step>

  <Step>
    Click the **Disable** button to close the pop-up modal.
  </Step>
</Steps>

## Need help?

Get help from [the PlanetScale Support team](https://planetscale.com/contact?initial=support), or join our [Discord community](https://pscale.link/community) to see how others are using PlanetScale.