# Multi-Factor Authentication (MFA) ### 🔒 Why MFA Matters With increasing threats across Web3, single-factor login mechanisms (like passwords) are no longer sufficient. Tychi adopts MFA to add multiple layers of identity verification before allowing wallet access or transaction approvals. *** ### ✅ Authentication Factors Used 1. **Something You Know** * Secure password or passphrase * PIN for quick wallet-level confirmations 2. **Something You Are** * Biometric verification (fingerprint or facial recognition) * Device-native biometric APIs ensure privacy and speed 3. **Something You Have** * Time-based One-Time Password (TOTP) via Google Authenticator or Authy * Hardware tokens (e.g., YubiKey) for advanced users (optional) *** ### 🧠 MFA Usage Within Tychi * **Login Protection**\ Requires at least two factors (e.g., password + biometric) for app/device access. * **Transaction Approval**\ High-risk actions (e.g., large transfers, DApp authorizations) require full MFA confirmation. * **Cold Wallet Access**\ Mandatory MFA required to view or export cold wallet private key access controls. * **Identity Verification**\ MFA required when accessing DID documents or issuing Verifiable Credentials (VCs). *** --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://tychi.gitbook.io/tychi-whitepaper/security-and-idenitity/multi-factor-authentication-mfa.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.