--- layout: "docs" page_title: "TOTP MFA - MFA Support - Vault Enterprise" sidebar_title: "TOTP MFA" sidebar_current: "docs-vault-enterprise-mfa-totp" description: |- Vault Enterprise supports TOTP MFA type. --- # TOTP MFA This page demonstrates the TOTP MFA on ACL'd paths of Vault. ## Configuration 1. Enable the appropriate auth method: ```text $ vault auth enable userpass ``` 1. Fetch the mount accessor for the enabled auth method: ```text $ vault auth list -detailed ``` The response will look like: ```text Path Type Accessor Plugin Default TTL Max TTL Replication Description ---- ---- -------- ------ ----------- ------- ----------- ----------- token/ token auth_token_289703e9 n/a system system replicated token based credentials userpass/ userpass auth_userpass_54b8e339 n/a system system replicated n/a ``` 1. Configure TOTP MFA: ```text $ vault write sys/mfa/method/totp/my_totp \ issuer=Vault \ period=30 \ key_size=30 \ algorithm=SHA256 \ digits=6 ``` 1. Create a policy that gives access to secret through the MFA method created above: ```text $ vault policy write totp-policy -<