From 59a2427b106f4b082ae8d30f7f16ff793d8bafd2 Mon Sep 17 00:00:00 2001
From: Uchechukwu Orji <orjiuchechukwu52@yahoo.com>
Date: Wed, 17 Dec 2025 08:21:21 +0100
Subject: [PATCH 1/2] docs: add  email as authentication method

---
 docs/kratos/mfa/01_overview.mdx | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/docs/kratos/mfa/01_overview.mdx b/docs/kratos/mfa/01_overview.mdx
index 9909db3bd..bd7a88488 100644
--- a/docs/kratos/mfa/01_overview.mdx
+++ b/docs/kratos/mfa/01_overview.mdx
@@ -48,6 +48,11 @@ authentication method. They can be used to complete the second factor when users
 SMS for MFA sends a one-time password to the user's registered mobile phone number via text message. Read the
 [Code via SMS](../../../docs/kratos/mfa/mfa-via-sms) documentation to learn more.
 
+### Email
+
+Email for MFA sends a one-time code to the user's registered email address. Read the
+[Code via Email](../../../docs/kratos/mfa/mfa-via-sms) documentation to learn more.
+
 ## Terminology
 
 Learn more about the terms and concepts used when talking about 2FA in Ory.
@@ -59,6 +64,7 @@ The Authentication Method Reference (AMR) is an array of authentication methods
 The following methods can be present in a session:
 
 - `password` - When the user authenticated with their password.
+- `code` - When the user authenticated by code sent via email address.
 - `oidc`- When the user authenticated by signing in with a social sign-in provider.
 - `totp`- When the user authenticated by entering a time-based one-time password.
 - `webauthn` - When the user authenticated through a WebAuthn channel, such as OS-level biometric authentication or a hardware
@@ -120,16 +126,19 @@ The Authenticator Assurance Level (AAL) indicates how many authentication factor
 
 Authentication methods are classified into factors:
 
-| Authentication method | Factor |
-| :-------------------- | :----- |
-| `password`            | first  |
-| `oidc`                | first  |
-| `totp`                | second |
-| `webauthn`            | second |
-| `lookup_secret`       | second |
+| Authentication method | Factor        |
+| :-------------------- | :------------ |
+| `password`            | first         |
+| `oidc`                | first         |
+| `code`                | first/second  |
+| `totp`                | second        |
+| `webauthn`            | second        |
+| `lookup_secret`       | second        |
 
 :::info
 
+You can use `code` as first or second factor but not both at the same time.
+
 When you enable [passwordless authentication with WebAuthn or Passkeys](../passwordless/05_passkeys.mdx), it isn't considered as a
 second authentication factor.
 

From 4f0e538d5348ff675ef4573c182ac8d9bcb1ef00 Mon Sep 17 00:00:00 2001
From: Uchechukwu Orji <orjiuchechukwu52@yahoo.com>
Date: Wed, 17 Dec 2025 08:39:05 +0100
Subject: [PATCH 2/2] style: fix formatting issues

---
 docs/kratos/mfa/01_overview.mdx | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/docs/kratos/mfa/01_overview.mdx b/docs/kratos/mfa/01_overview.mdx
index bd7a88488..ef51b175f 100644
--- a/docs/kratos/mfa/01_overview.mdx
+++ b/docs/kratos/mfa/01_overview.mdx
@@ -126,14 +126,14 @@ The Authenticator Assurance Level (AAL) indicates how many authentication factor
 
 Authentication methods are classified into factors:
 
-| Authentication method | Factor        |
-| :-------------------- | :------------ |
-| `password`            | first         |
-| `oidc`                | first         |
-| `code`                | first/second  |
-| `totp`                | second        |
-| `webauthn`            | second        |
-| `lookup_secret`       | second        |
+| Authentication method | Factor       |
+| :-------------------- | :----------- |
+| `password`            | first        |
+| `oidc`                | first        |
+| `code`                | first/second |
+| `totp`                | second       |
+| `webauthn`            | second       |
+| `lookup_secret`       | second       |
 
 :::info