Auth0 supports one-time passwords (OTPs) as multi-factor authentication factors. In order for users to leverage OTPs, you first must enable them as an MFA factor in your Auth0 tenant.

Once enabled for your application, users can enrol in OTPs when accessing your application. To do so, they must install an authenticator application on their device, such as:

When users attempt to sign up through a Universal Login prompt, they are prompted to scan a QR code to enrol in OTPs. (Google Authenticator Example)
​

​Click on Add a Code
​

​
​Click on Scan a QR code.
​

​
​You'll be prompted to scan the QR code that is visible on your screen.
​

​
​After scanning, it will automatically add your multi-factor authentication piece to your device.
​

​
​Enter your one-time code and click Continue.
​

​
You'll also receive a recovery code, so please store it somewhere safe. If your phone or device with MFA is lost, stolen, or damaged, you can use this code to log back in, set up MFA again, or troubleshoot any further issues.
​
​

Once you've copied the recovery code, you'll go ahead and log in to Labelbox. From now on, each time you log in, you'll be prompted to enter your MFA code. However, there’s also a checkbox that lets you skip the MFA prompt for the next 30 days on the same device, which can be a convenient option.
​

​