Require multi-factor authentication (MFA)
- Category: Security
Enforce multi-factor authentication for all users in your application

Securing your user base even more just got a lot easier. You can now require multi-factor authentication (MFA) across your entire application with a single toggle.
This ensures that every user, whether they are signing up for the first time or returning to an existing account, adds a critical layer of protection before they can access your application.
What's new
The Require multi-factor authentication (MFA) setting eliminates the "opt-in" gap. Previously, users had to manually choose to secure their accounts. Now you can make it a requirement for entry.
If a user signs in or signs up without multi-factor authentication (MFA) enabled, they’ll be guided through the setup flow before proceeding.
This works seamlessly with Clerk’s prebuilt components. Users can choose from the available application MFA methods, including Authenticator application (TOTP) and SMS verification code.
Getting started
To require multi-factor authentication (MFA) across your application:
- Ensure your Clerk SDKs meet the minimum required versions. Refer to the setup-mfa session task guide for version requirements.
- Navigate to Multi-factor in the Clerk Dashboard.
- Enable one or more MFA strategies (Authenticator application or SMS verification code).
- Turn on Require multi-factor authentication.
Once enabled, new users will be prompted to set up MFA during sign-up, and existing users without MFA will be prompted the next time they sign in.
To learn more, visit the setup MFA guide.