Enroll in MFA using authenticator app
If you aren't yet familiar with MFA, please see this FAQ: What is MFA, why should I use it, and how do I enable it?
If you are here we are going to assume that you've enabled MFA as outlined in the FAQ linked above, and that you have selected the "Enroll in MFA using authenticator app" option. Our MFA works with any authentication app that is compatible with the Google OAuth 2.0 protocol. This includes (but is not limited to) the following:
Google Authenticator
Duo Mobile
Microsoft Authenticator
iCloud Keychain 2FA
We recommend going with Google Authenticator, unless you have another preference for some reason. If you already have an authentication app setup, you should be able to use that as long as it supports the Google OAuth 2.0 protocol.
First, on the MFA tab in the dashboard, you should be prompted with a MFA setup page like this:
Next, open your Authenticator app of choice. See the list above for known-compatible authentication apps.
Within your Authenticator app, if there's an option to scan a QR code, select that, and scan the QR code on the page.
If there's no QR code option, you can manually setup the app using the MFA Secret option (Click the eyeball icon to show the MFA Secret in plaintext).
Once the account is setup you should get a 6-digit MFA code generated by your app. Typically this code refreshes every 60 seconds. Go ahead and enter this code into the "MFA Code" box and click "Complete MFA enrollment" to complete the setup.
Be sure to save your recovery code when prompted. This allows you to access the account if you lose access to the authenticator app that you used to set it up.
That's it! Once MFA is setup you will simply need to enter the MFA code when prompted upon login in order to access your account going forward.