# Multi-Factor Authentication

:::warning
Users who log in via [SAML Single Sign-On](/docs/c/saml-config.md) cannot use this feature.
Please configure multi-factor authentication on your IdP instead.
:::

Shisho Cloud provides Multi-Factor Authentication (MFA) functionality to enhance account security.

## Supported Authentication Apps

The following authentication applications are supported:

- **Google Authenticator**
- **Microsoft Authenticator**
- **FreeOTP**
- Other TOTP-compatible authentication apps

## Individual User MFA Configuration

### Enabling Multi-Factor Authentication

Please check the current MFA configuration status in the User Settings screen.

![](/docs/_md-assets/d1348a9c30-user_setting_en.png)

When you click the Configure button, a confirmation dialog will appear.

:::warning
Please note the following:

- You will be automatically logged out after configuration
- You will need to log in again
  :::

After continuing, you will be redirected to the MFA configuration screen as shown below. Please follow the on-screen instructions to complete the setup.

![](/docs/_md-assets/306a081afd-qr_code_en.png)

After completing the setup, you will return to the Shisho Cloud screen. To apply the MFA settings, you will be automatically logged out after approximately 3 seconds. MFA will be required from your next login.

:::info
MFA is not applicable to users who log in via SSO (Single Sign-On), so the configuration option will not be displayed for these users.
:::

### Disabling Multi-Factor Authentication

Please check the current MFA configuration status in the User Settings screen.

![](/docs/_md-assets/566f520efd-user_setting_after_en.png)

When you click the Disable button, a confirmation dialog will appear.

:::warning
Please note the following:

- You will be automatically logged out after configuration
  :::

After continuing, you will be automatically logged out after approximately 3 seconds to apply the settings. MFA will no longer be required from your next login.

## Organization-Level MFA Enforcement

Organization administrators can enforce the use of MFA as a security policy at the organization level.

When enabled, users who have not configured MFA will not be able to access resources on Shisho Cloud.

![](/docs/_md-assets/3b594b18d7-restricted_en.png)

### Configuring MFA Enforcement

Please check the current status in the Organization Settings screen.

![](/docs/_md-assets/78e1130bd4-org_level_mfa_en.png)

When you click the Configure button, a confirmation dialog will appear. If you continue, MFA will become mandatory at the organization level.

:::warning
To disable organization-level MFA enforcement, you must have Owner permissions and have MFA configured for your account.
:::

## Support

If you have any questions or concerns, please feel free to contact our support team.

## Related Documentation

- [SAML Single Sign-On](/docs/c/saml-config.md)