Multi-factor authentication (MFA) is a security measure that enhances the protection of user accounts by requiring multiple forms of verification, such as something the user knows (password), something they have (a token), and sometimes even something they are (biometric data). This article discusses the implementation of MFA with Couchbase Server, highlighting its importance in safeguarding confidential information against various cyber threats like credential stuffing, password leaks, and brute force attacks. The text explores different MFA methods from basic password use to advanced hardware tokens and Universal 2nd Factor (U2F), illustrating how each provides varying levels of security. Additionally, it offers detailed instructions on setting up MFA using software tokens and hardware tokens with Couchbase Server, emphasizing the balance between security and convenience. The use of LDAP and PAM for external authentication is also discussed, showing how these systems can be configured to enhance security further.