> ## Documentation Index
> Fetch the complete documentation index at: https://auth0.com/llms.txt
> Use this file to discover all available pages before exploring further.

> Describes how to configure time-based one time passwords (OTP) notifications for MFA.

# Configure OTP Notifications for MFA

Auth0 supports one-time passwords (OTPs) as <Tooltip tip="Multi-factor authentication (MFA): User authentication process that uses a factor in addition to username and password such as a code via SMS." cta="View Glossary" href="/docs/glossary?term=multi-factor+authentication">multi-factor authentication</Tooltip> factors. In order for users to leverage OTPs, you first must [enable them as an MFA factor](/docs/secure/multi-factor-authentication/enable-mfa) in your Auth0 tenant.

Once enabled for your application, users can enroll in OTPs when accessing your application. To do so, they must install an authenticator application on their device, such as:

* Auth0 Guardian ([Google Play](https://play.google.com/store/apps/details?id=com.auth0.guardian) / [App Store](https://itunes.apple.com/us/app/auth0-guardian/id1093447833))
* Authy ([Google Play](https://play.google.com/store/apps/details?id=com.authy.authy) / [App Store](https://itunes.apple.com/us/app/authy/id494168017))
* Google Authenticator ([Google Play](https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2) / [App Store](https://itunes.apple.com/us/app/google-authenticator/id388497605))
* Microsoft Authenticator ([Google Play](https://play.google.com/store/apps/details?id=com.azure.authenticator) / [App Store](https://itunes.apple.com/us/app/microsoft-authenticator/id983156458))

## User OTP workflow

When a user attempts to sign up through a <Tooltip tip="Universal Login: Your application redirects to Universal Login, hosted on Auth0's Authorization Server, to verify a user's identity." cta="View Glossary" href="/docs/glossary?term=Universal+Login">Universal Login</Tooltip> prompt, they are prompted to scan a QR code to enroll in OTPs.

<Frame>
  <img src="https://mintlify.s3.us-west-1.amazonaws.com/auth0/docs/images/cdy7uua7fh8z/2J6vWaonPbCvpuBUu9b8q1/b4ec4e66fc86021e5e31d000acaf18e2/QR_Code_-_EN_-_Small.png" alt="Auth0 Guardian OTP QR code setup example" />
</Frame>

If the user's device is detected as a mobile device, Universal Login skips the QR code screen and instead displays an enrollment code directly in the prompt.

<Frame>
  <img src="https://mintlify.s3.us-west-1.amazonaws.com/auth0/docs/images/cdy7uua7fh8z/5QvQ9FLYnVZXINFAeLkIr9/04df9be004169ac06b8d9fee456dc599/OTP_prompt_-_English.png" alt="The temporary one-time password enrollment screen as displayed on a mobile device. " />
</Frame>

After a user has enrolled in OTPs, they can use OTPs to log in to your application. To do so, they first retrieve a one-time code from their preferred authenticator app.

<Frame>
  <img src="https://mintlify.s3.us-west-1.amazonaws.com/auth0/docs/images/cdy7uua7fh8z/1vVY2NLQwsOwdHIPU4Qj3B/026255e1549c3ec5bdc790280590d210/google-auth-screenshot.png" alt="Auth0 Guardian OTP Code Google example" />
</Frame>

Then, they enter the one-time code in the login prompt.

<Frame>
  <img src="https://mintlify.s3.us-west-1.amazonaws.com/auth0/docs/images/cdy7uua7fh8z/4dntQCYqgx5QyLZKW7quxR/20cab4bcde8270914d2c2979810cd5f5/OTP_challenge_-_EN_-_Small.png" alt="Auth0 Guardian OTP Login Prompt Example" />
</Frame>

## Learn more

* [Enroll and Challenge OTP Authenticators](/docs/secure/multi-factor-authentication/authenticate-using-ropg-flow-with-mfa/enroll-and-challenge-otp-authenticators)