### What's MFA?

When a user logs into an app, they need to authenticate themselves. Requiring only one factor can be risky—if someone else gains access to a user’s credentials, they can log in as that user. **Multi-factor authentication (MFA)** addresses this by requiring users to use two authentication factors to gain access, making it much harder for unauthorized parties to access accounts.

MFA uses two of the following factors:

- Something you know (e.g., a password)
- Something you have (e.g., a phone)
- Something you are (e.g., a fingerprint)


Frontegg provides MFA out-of-the-box and allows customization by vendors, customers, and end-users.

### MFA in Frontegg apps

MFA in Frontegg can be divided into two main components: **MFA policy** and **MFA methods**.

- **MFA policy**: Defines if end-users are required to use MFA.
- **MFA methods**: Specifies the authentication methods users may use as their second factor.