> ## Documentation Index
> Fetch the complete documentation index at: https://docs.privy.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

> Overview of provisioning embedded wallet key material on new user devices.

Once a user has created a embedded wallet, when they attempt to use the wallet on a *new* device, the key material for their wallet must be provisioned on that device.

In most cases, once a user authenticates on a new device, Privy automatically orchestrates reconstitution of the key material for their wallet on that device. This requires no additional action from the user and allows them to seamlessly use their wallet on any device where they are authenticated.

In self-custodial setups, you can also require users to input a password or authenticate with their cloud account (iCloud, Google Drive) in order to reconstitute their wallet on a new device. Follow the steps below to enable this setting.

<Warning>
  Additional authentication factors for device provisioning can be reset on a provisioned device, but **if a user loses all provisioned devices and their additional factor, they will be locked out of their account.**

  Read more [more about Privy's self-custodial architecture](/security/wallet-infrastructure/architecture).
</Warning>

<Steps>
  <Step title="Configure authentication factors for new devices.">
    Visit the **Authentication** page for your app in the Privy Dashboard and navigate to the
    **MFA** tab. Then, select the authentication factors (password, Google Drive backup, or iCloud
    backup) you'd like to offer users for new devices. [Learn
    more](/wallets/advanced-topics/new-devices/cloud-recovery)
  </Step>

  <Step title="Prompt users to enroll authentication factors for new devices.">
    Once users have created a wallet, prompt your users to enroll authentication factors for new
    devices per [this guide](/wallets/advanced-topics/new-devices/enroll). Alternatively, to
    automatically prompt users to enroll authentication factors for new devices, toggle the
    **Require additional authentication for new devices** setting on.
  </Step>

  <Step title="Prompt users to authenticate when using the wallet on a new device.">
    When users log in on a new device, prompt them to authenticate with their additional factor per
    [this guide](/wallets/advanced-topics/new-devices/auth).
  </Step>
</Steps>