Multi-Factor Authentication (MFA) is a security best practice that adds an extra layer of protection on top of a username and password combination. By requiring an additional authentication code from a trusted device, MFA safeguards access to a user’s account even if the password is compromised.

There are various authentication methods to implement MFA. The Time-based One-Time Password (TOTP) algorithm is a popular and secure method that automatically generates an authentication code which changes after a certain period of time.

TOTP has been adopted as Internet Engineering Task Force standard RFC 6238.