# Multi-Factor Authentication (MFA)

## What Is MFA
Multi-factor authentication (MFA) is an account protection mechanism that requires two or more distinct forms of evidence of account ownership before granting login access. This ensures only the true owner of the account can gain control of the account and make changes by providing a password and at least one other form of authentication.

By default, when you log into your Cherry Servers account for the first time, we will ask you to verify your email address using a six digit code we send to the email provided. Once your email address has been verified, each time you log into your Cherry Servers account from a new device, we will send a verification code to your email to confirm that the owner of the account is attempting to log in from the unknown source.

Alongside traditional password login, Cherry Servers offers MFA in two ways:
- Trusted Authenticator App
- SMS

To use an authenticator, you must install and set up a trusted authenticator app such as Authy, Google Authenticator, 1Authenticate, or others. This is the recommended method.

To use SMS authentication, you will be required to verify your phone number in advance.

## Why Is MFA Important?
MFA provides an additional protection against brute force attacks into your accounts, and prevents loss of ownership from 3rd party password data leaks by presenting a barrier.

By using MFA, you can ensure that your servers are fully in your control and safe from a primary attack vector of bad actors who may wish to harm your service.

## How to Set up MFA with Cherry
To set up multi-factor authentication, log in to your account using your password as usual.

1. From the client portal home page, click your profile icon in the top right-hand corner, and switch to the “User” tab of the dropdown menu.
![](https://www.cherryservers.com/v3/assets/documentation/accounts-and-billing/mfa-1.png)
2. Click your account name.
![](https://www.cherryservers.com/v3/assets/documentation/accounts-and-billing/mfa-2.png)
3. From your profile dashboard, Click “Enable” in the “Two-Factor Authentication” box.
![](https://www.cherryservers.com/v3/assets/documentation/accounts-and-billing/mfa-3.png)
4. From the pop-up window that appears, select your preferred method of identification.
![](https://www.cherryservers.com/v3/assets/documentation/accounts-and-billing/mfa-4.png)

### Method 1: Authenticator App
You will need to have an authenticator app already installed.

1. After selecting "Authenticator", a pop-up window will appear.
2. Using your chosen authenticator app, scan the QR code provided. This will register the account to your authenticator and provide a 6 digit verification code to complete set-up.
![](https://www.cherryservers.com/v3/assets/documentation/accounts-and-billing/mfa-5.png)
3. Enter the code into the box and click “Verify & Enable.”

Each time you log in, you will be prompted to provide a 6 digit code from your authenticator app to gain access after entering your password.

### Method 2: SMS
1. After selecting “SMS”, a pop-up window will appear.
2. Enter the phone number you wish to use for authentication and click “Update”
![](https://www.cherryservers.com/v3/assets/documentation/accounts-and-billing/mfa-6.png)
3. A 6 digit verification code will be sent to your mobile device.
4. Enter the verification code into the box in the pop-up window.
5. Your mobile device is now registered for authentication.

Each time you log in, you will be prompted to send a 6 digit code to your mobile device after entering your password, which you will need to provide to gain access to your account.