 Hi, welcome to this third video on how to secure servers with Octa. In the previous videos, we just talked about why this is a good idea. In second, we use the developer-free account that Octa plus Octa Advanced Server Access to set up our first server in our first client. But we can do better. During that first tutorials, we just had a user logged into the server using a password. If you think about it, passwords are like those long keys, right? They can be shared as well. People may mess up and get those credentials disclosed, and that's not a good idea, especially with servers. What we're going to do is we're going to prevent that from happening by using multi-factor authentication. The steps on doing this and you can follow along our first to enable MFA at Octa. Second, configure the policy, which factors we will allow, and finally just test it. This is going to be a very quick tutorial, so please follow along if you would like to. This is my Octa dashboard, the same one you access when you log in your developer plan. From here, you can head over to Security, multi-factor, and you can tell which factors you will accept for users to enroll in, and then use later for security. I'm going to enable a couple of those, so just you have an idea on how easy it gets to get those things going at Octa. The first one I'm going to use is Fido. If you have MacBooks or a Windows device with Windows Hello, it's just a matter of hitting this knob here, you get that functionality. The other one I'm going to enable here, it's going to be Octa Verify. And Octa Verify is a push notification system, so what it allows you to do is to pretty much use your cell phone as a way of getting that security. So I'm going to enable push notification here, I could also require a touch ID. And now that I have both enabled, I will actually use this enrolling name optionally for either one or the other when they are enforced to do MFA. Cool. Once I enable MFA at Octa, I can pick which applications will actually require MFA. So if I had my own custom app, let's say for my customers, I might not want to have MFA there, but for servers that are being access it via ASA or advanced severed access, I do want to have that. So I can enter the application in under single sign-on, I can add a specific policy to add MFA for who I want. So I'll say everyone here, it could be your developer team, you can set up specific groups, it's really your call. I'm going to prompt for a factor with every authentication hit save here. So let me sign out so we can test this up. So okay. So now I'm going to access my engine X server. That's sending me over to Octa where I'm interning my credentials. Now, because I have MFA in the options I selected, I'm presented with this. It's the first time I'm accessing so I can set this up. So I'm going to use touch ID, which I have in my computer. Okay, hold on. Yes, a lot. Okay. I'm in. Gonna hit finish. I could do another factor. Cool. And now I'm approved. So nice. Now when I access servers, I need that key in order to have this access going. So okay, to recap what we did here, we enable multi-factor authentication, we configure the policy and we tested that out.