As the importance of online security grows, multi-factor authentication (MFA) becomes increasingly crucial to protect accounts with valuable data. MFA requires two or more factors of proof, such as something the user knows, has, is, or where they are, to authenticate. It's a superset of two-factor authentication and can be used in various contexts beyond online account access, including banking and sensitive systems. Developers should enable and encourage users to use MFA to prevent compromised accounts from being stolen by bad actors, who may then have unauthorized access to the system and its data. Implementing MFA requires balancing user experience with account security, as requiring it for all system access can be too frictional. Situations where MFA is recommended include administrative accounts, high-value accounts, risky actions, legal or organizational policies, and when actions look suspicious. MFA requirements should be applied in a central location and made available to users who want to protect their account security.