Wallet MFA

Privy enables users to set up multi-factor authentication (MFA) for embedded wallets on both EVM networks and Solana. MFA helps secure the embedded wallet by requiring additional verification of a user's identity when the wallet is used.

Using MFA to secure the embedded wallet

Once a user enrolls in wallet MFA, any action that requires use of the embedded wallet's private key will require the user to complete MFA verification. This includes signing messages, sending transactions, exporting the embedded wallet, and recovering the embedded wallet for use on new devices.

Privy currently supports two methods of wallet MFA:

• SMS, where users verify with a 6-digit MFA code sent to their phone number
• Time-based one-time password (TOTP), where users verify with a 6-digit MFA code from an authentication app, like Authy or Google Authenticator
• Passkeys, where users verify with a previously registered passkey, generally through biometric authentication on their device

TIP

If a user has multiple embedded wallets (e.g. on EVM and Solana, or multiple HD addresses), enrolling in MFA will require MFA for signatures and transactions from any of their embedded wallets.

To use wallet MFA within your app, check out the guides below!

Set up MFA methods

Configure MFA methods in the Dashboard

Enroll users in MFA

Prompt users to enroll in one of your app's MFA methods

Use MFA in your app

Secure signatures and transactions with MFA

Use custom UIs for MFA

Implement MFA with your own UIs