MFA for your production infrastructure running on ngrok` is a feature that secures access to the ngrok account dashboard, allowing users to add an additional layer of security. The goal is to protect against unauthorized access and ensure that sensitive production workloads are safeguarded. Multi-factor authentication (MFA) uses time-based one-time passwords (TOTPs) or other methods to verify user identities. To implement MFA, ngrok created a service to manage and store TOTP devices, using an existing library for encryption and securely verifying codes through GRPC calls. The feature also addresses the challenge of supporting multi-tenant infrastructure, where accounts are independent of users. By making MFA opt-in, ngrok aims to balance security benefits with user convenience.