diff --git a/packages/clerk-js/src/core/clerk.ts b/packages/clerk-js/src/core/clerk.ts
index 4678c2266d0..9aecd1bc21f 100644
--- a/packages/clerk-js/src/core/clerk.ts
+++ b/packages/clerk-js/src/core/clerk.ts
@@ -111,6 +111,7 @@ import type {
   SignUpResource,
   TaskChooseOrganizationProps,
   TaskResetPasswordProps,
+  TaskSetupMFAProps,
   TasksRedirectOptions,
   UnsubscribeCallback,
   UserAvatarProps,
@@ -1439,6 +1440,28 @@ export class Clerk implements ClerkInterface {
     void this.#clerkUi?.then(ui => ui.ensureMounted()).then(controls => controls.unmountComponent({ node }));
   };
 
+  public mountTaskSetupMfa = (node: HTMLDivElement, props?: TaskSetupMFAProps) => {
+    this.assertComponentsReady(this.#clerkUi);
+
+    const component = 'TaskSetupMFA';
+    void this.#clerkUi
+      .then(ui => ui.ensureMounted())
+      .then(controls =>
+        controls.mountComponent({
+          name: component,
+          appearanceKey: 'taskSetupMfa',
+          node,
+          props,
+        }),
+      );
+
+    this.telemetry?.record(eventPrebuiltComponentMounted('TaskSetupMfa', props));
+  };
+
+  public unmountTaskSetupMfa = (node: HTMLDivElement) => {
+    void this.#clerkUi?.then(ui => ui.ensureMounted()).then(controls => controls.unmountComponent({ node }));
+  };
+
   /**
    * `setActive` can be used to set the active session and/or organization.
    */
diff --git a/packages/localizations/src/en-US.ts b/packages/localizations/src/en-US.ts
index 15256e3e1c2..a164c7f1b0c 100644
--- a/packages/localizations/src/en-US.ts
+++ b/packages/localizations/src/en-US.ts
@@ -898,6 +898,76 @@ export const enUS: LocalizationResource = {
     subtitle: 'Your account requires a new password before you can continue',
     title: 'Reset your password',
   },
+  taskSetupMfa: {
+    badge: 'Two-step verification setup',
+    start: {
+      title: 'Set up two-step verification',
+      subtitle: 'Choose which method you prefer to protect your account with an extra layer of security',
+      methodSelection: {
+        totp: 'Authenticator application',
+        phoneCode: 'SMS code',
+      },
+    },
+    smsCode: {
+      title: 'Add sms code verification',
+      subtitle: 'Choose phone number you want to use for SMS code two-step verification',
+      addPhoneNumber: 'Add phone number',
+      cancel: 'Cancel',
+      verifyPhone: {
+        title: 'Verify your phone number',
+        subtitle: 'Enter the verification code sent to',
+        formTitle: 'Verification code',
+        resendButton: "Didn't receive a code? Resend",
+        formButtonPrimary: 'Continue',
+      },
+      addPhone: {
+        infoText:
+          'A text message containing a verification code will be sent to this phone number. Message and data rates may apply.',
+        formButtonPrimary: 'Continue',
+      },
+      success: {
+        title: 'SMS code verification enabled',
+        message1:
+          'Two-step verification is now enabled. When signing in, you will need to enter a verification code sent to this phone number as an additional step.',
+        message2:
+          'Save these backup codes and store them somewhere safe. If you lose access to your authentication device, you can use backup codes to sign in.',
+        finishButton: 'Continue',
+      },
+    },
+    totpCode: {
+      title: 'Add authenticator application',
+      addAuthenticatorApp: {
+        infoText__ableToScan:
+          'Set up a new sign-in method in your authenticator app and scan the following QR code to link it to your account.',
+        infoText__unableToScan: 'Set up a new sign-in method in your authenticator and enter the Key provided below.',
+        inputLabel__unableToScan1:
+          'Make sure Time-based or One-time passwords is enabled, then finish linking your account.',
+        buttonUnableToScan__nonPrimary: "Can't scan QR code?",
+        buttonAbleToScan__nonPrimary: 'Scan QR code instead',
+        formButtonPrimary: 'Continue',
+        formButtonReset: 'Cancel',
+      },
+      verifyTotp: {
+        title: 'Add authenticator application',
+        subtitle: 'Enter verification code generated by your authenticator',
+        formTitle: 'Verification code',
+        formButtonPrimary: 'Continue',
+        formButtonReset: 'Cancel',
+      },
+      success: {
+        title: 'Authenticator application verification enabled',
+        message1:
+          'Two-step verification is now enabled. When signing in, you will need to enter a verification code from this authenticator as an additional step.',
+        message2:
+          'Save these backup codes and store them somewhere safe. If you lose access to your authentication device, you can use backup codes to sign in.',
+        finishButton: 'Continue',
+      },
+    },
+    signOut: {
+      actionText: 'Signed in as {{identifier}}',
+      actionLink: 'Sign out',
+    },
+  },
   unstable__errors: {
     already_a_member_in_organization: '{{email}} is already a member of the organization.',
     avatar_file_size_exceeded: 'File size exceeds the maximum limit of 10MB. Please choose a smaller file.',
diff --git a/packages/shared/src/internal/clerk-js/sessionTasks.ts b/packages/shared/src/internal/clerk-js/sessionTasks.ts
index eb8a3f3ca99..e0d0fd1e0f8 100644
--- a/packages/shared/src/internal/clerk-js/sessionTasks.ts
+++ b/packages/shared/src/internal/clerk-js/sessionTasks.ts
@@ -9,6 +9,7 @@ import { buildURL } from './url';
 export const INTERNAL_SESSION_TASK_ROUTE_BY_KEY: Record<SessionTask['key'], string> = {
   'choose-organization': 'choose-organization',
   'reset-password': 'reset-password',
+  'setup-mfa': 'setup-mfa',
 } as const;
 
 /**
diff --git a/packages/shared/src/types/clerk.ts b/packages/shared/src/types/clerk.ts
index 9d3f7945f38..5b64415ba42 100644
--- a/packages/shared/src/types/clerk.ts
+++ b/packages/shared/src/types/clerk.ts
@@ -672,6 +672,23 @@ export interface Clerk {
    */
   unmountTaskResetPassword: (targetNode: HTMLDivElement) => void;
 
+  /**
+   * Mounts a TaskSetupMFA component at the target element.
+   * This component allows users to set up multi-factor authentication.
+   *
+   * @param targetNode - Target node to mount the TaskSetupMFA component.
+   * @param props - configuration parameters.
+   */
+  mountTaskSetupMfa: (targetNode: HTMLDivElement, props?: TaskSetupMFAProps) => void;
+
+  /**
+   * Unmount a TaskSetupMFA component from the target element.
+   * If there is no component mounted at the target node, results in a noop.
+   *
+   * @param targetNode - Target node to unmount the TaskSetupMFA component from.
+   */
+  unmountTaskSetupMfa: (targetNode: HTMLDivElement) => void;
+
   /**
    * @internal
    * Loads Stripe libraries for commerce functionality
@@ -2284,6 +2301,14 @@ export type TaskResetPasswordProps = {
   appearance?: ClerkAppearanceTheme;
 };
 
+export type TaskSetupMFAProps = {
+  /**
+   * Full URL or path to navigate to after successfully resolving all tasks
+   */
+  redirectUrlComplete: string;
+  appearance?: ClerkAppearanceTheme;
+};
+
 export type CreateOrganizationInvitationParams = {
   emailAddress: string;
   role: OrganizationCustomRoleKey;
diff --git a/packages/shared/src/types/localization.ts b/packages/shared/src/types/localization.ts
index 7c3b5ae0fc0..d97301630d0 100644
--- a/packages/shared/src/types/localization.ts
+++ b/packages/shared/src/types/localization.ts
@@ -1327,6 +1327,69 @@ export type __internal_LocalizationResource = {
     };
     formButtonPrimary: LocalizationValue;
   };
+  taskSetupMfa: {
+    badge: LocalizationValue;
+    start: {
+      title: LocalizationValue;
+      subtitle: LocalizationValue;
+      methodSelection: {
+        totp: LocalizationValue;
+        phoneCode: LocalizationValue;
+      };
+    };
+    smsCode: {
+      title: LocalizationValue;
+      subtitle: LocalizationValue;
+      addPhoneNumber: LocalizationValue;
+      cancel: LocalizationValue;
+      verifyPhone: {
+        title: LocalizationValue;
+        subtitle: LocalizationValue;
+        formTitle: LocalizationValue;
+        resendButton: LocalizationValue;
+        formButtonPrimary: LocalizationValue;
+      };
+      addPhone: {
+        infoText: LocalizationValue;
+        formButtonPrimary: LocalizationValue;
+      };
+      success: {
+        title: LocalizationValue;
+        message1: LocalizationValue;
+        message2: LocalizationValue;
+        finishButton: LocalizationValue;
+      };
+    };
+    totpCode: {
+      title: LocalizationValue;
+      addAuthenticatorApp: {
+        infoText__ableToScan: LocalizationValue;
+        infoText__unableToScan: LocalizationValue;
+        inputLabel__unableToScan1: LocalizationValue;
+        buttonUnableToScan__nonPrimary: LocalizationValue;
+        buttonAbleToScan__nonPrimary: LocalizationValue;
+        formButtonPrimary: LocalizationValue;
+        formButtonReset: LocalizationValue;
+      };
+      verifyTotp: {
+        title: LocalizationValue;
+        subtitle: LocalizationValue;
+        formTitle: LocalizationValue;
+        formButtonPrimary: LocalizationValue;
+        formButtonReset: LocalizationValue;
+      };
+      success: {
+        title: LocalizationValue;
+        message1: LocalizationValue;
+        message2: LocalizationValue;
+        finishButton: LocalizationValue;
+      };
+    };
+    signOut: {
+      actionText: LocalizationValue<'identifier'>;
+      actionLink: LocalizationValue;
+    };
+  };
   web3SolanaWalletButtons: {
     connect: LocalizationValue<'walletName'>;
     continue: LocalizationValue<'walletName'>;
diff --git a/packages/shared/src/types/session.ts b/packages/shared/src/types/session.ts
index 727c044ad48..f35b1454c24 100644
--- a/packages/shared/src/types/session.ts
+++ b/packages/shared/src/types/session.ts
@@ -335,7 +335,7 @@ export interface SessionTask {
   /**
    * A unique identifier for the task
    */
-  key: 'choose-organization' | 'reset-password';
+  key: 'choose-organization' | 'reset-password' | 'setup-mfa';
 }
 
 export type GetTokenOptions = {
diff --git a/packages/ui/src/common/Wizard.tsx b/packages/ui/src/common/Wizard.tsx
index 77bd735452a..aee4cd4d8a4 100644
--- a/packages/ui/src/common/Wizard.tsx
+++ b/packages/ui/src/common/Wizard.tsx
@@ -4,6 +4,7 @@ import { Animated } from '../elements/Animated';
 
 type WizardProps = React.PropsWithChildren<{
   step: number;
+  animate?: boolean;
 }>;
 
 type UseWizardProps = {
@@ -26,7 +27,11 @@ export const useWizard = (params: UseWizardProps = {}) => {
 };
 
 export const Wizard = (props: WizardProps) => {
-  const { step, children } = props;
+  const { step, children, animate = true } = props;
+
+  if (!animate) {
+    return React.Children.toArray(children)[step];
+  }
 
   return <Animated>{React.Children.toArray(children)[step]}</Animated>;
 };
diff --git a/packages/ui/src/components/SessionTasks/index.tsx b/packages/ui/src/components/SessionTasks/index.tsx
index 9cca5b9b9c1..3316a395c37 100644
--- a/packages/ui/src/components/SessionTasks/index.tsx
+++ b/packages/ui/src/components/SessionTasks/index.tsx
@@ -12,11 +12,13 @@ import {
   SessionTasksContext,
   TaskChooseOrganizationContext,
   TaskResetPasswordContext,
+  TaskSetupMFAContext,
   useSessionTasksContext,
 } from '../../contexts/components/SessionTasks';
 import { Route, Switch, useRouter } from '../../router';
 import { TaskChooseOrganization } from './tasks/TaskChooseOrganization';
 import { TaskResetPassword } from './tasks/TaskResetPassword';
+import { TaskSetupMFA } from './tasks/TaskSetupMfa';
 
 const SessionTasksStart = () => {
   const clerk = useClerk();
@@ -50,6 +52,43 @@ const SessionTasksStart = () => {
 
 function SessionTasksRoutes(): JSX.Element {
   const ctx = useSessionTasksContext();
+  const clerk = useClerk();
+  const { navigate, currentPath } = useRouter();
+
+  const currentTaskContainer = useRef<HTMLDivElement>(null);
+
+  // If there are no pending tasks, navigate away from the tasks flow.
+  // This handles cases where a user with an active session returns to the tasks URL,
+  // for example by using browser back navigation. Since there are no pending tasks,
+  // we redirect them to their intended destination.
+  useEffect(() => {
+    // Tasks can only exist on pending sessions, but we check both conditions
+    // here to be defensive and ensure proper redirection
+    const task = clerk.session?.currentTask;
+    if (!task || clerk.session?.status === 'active') {
+      if (ctx.shouldAutoNavigateAway.current) {
+        void navigate(ctx.redirectUrlComplete);
+      }
+      return;
+    }
+
+    clerk.telemetry?.record(eventComponentMounted('SessionTask', { task: task.key }));
+  }, [clerk, currentPath, navigate, ctx.redirectUrlComplete, ctx.shouldAutoNavigateAway]);
+
+  if (!clerk.session?.currentTask && ctx.shouldAutoNavigateAway.current) {
+    return (
+      <Card.Root
+        sx={() => ({
+          minHeight: currentTaskContainer ? currentTaskContainer.current?.offsetHeight : undefined,
+        })}
+      >
+        <Card.Content sx={() => ({ flex: 1 })}>
+          <LoadingCardContainer />
+        </Card.Content>
+        <Card.Footer />
+      </Card.Root>
+    );
+  }
 
   return (
     <Flow.Root flow='tasks'>
@@ -68,6 +107,13 @@ function SessionTasksRoutes(): JSX.Element {
             <TaskResetPassword />
           </TaskResetPasswordContext.Provider>
         </Route>
+        <Route path={INTERNAL_SESSION_TASK_ROUTE_BY_KEY['setup-mfa']}>
+          <TaskSetupMFAContext.Provider
+            value={{ componentName: 'TaskSetupMFA', redirectUrlComplete: ctx.redirectUrlComplete }}
+          >
+            <TaskSetupMFA />
+          </TaskSetupMFAContext.Provider>
+        </Route>
         <Route index>
           <SessionTasksStart />
         </Route>
@@ -84,44 +130,9 @@ type SessionTasksProps = {
  * @internal
  */
 export const SessionTasks = withCardStateProvider(({ redirectUrlComplete }: SessionTasksProps) => {
-  const clerk = useClerk();
-  const { navigate } = useRouter();
-
-  const currentTaskContainer = useRef<HTMLDivElement>(null);
-
-  // If there are no pending tasks, navigate away from the tasks flow.
-  // This handles cases where a user with an active session returns to the tasks URL,
-  // for example by using browser back navigation. Since there are no pending tasks,
-  // we redirect them to their intended destination.
-  useEffect(() => {
-    // Tasks can only exist on pending sessions, but we check both conditions
-    // here to be defensive and ensure proper redirection
-    const task = clerk.session?.currentTask;
-    if (!task || clerk.session?.status === 'active') {
-      void navigate(redirectUrlComplete);
-      return;
-    }
-
-    clerk.telemetry?.record(eventComponentMounted('SessionTask', { task: task.key }));
-  }, [clerk, navigate, redirectUrlComplete]);
-
-  if (!clerk.session?.currentTask) {
-    return (
-      <Card.Root
-        sx={() => ({
-          minHeight: currentTaskContainer ? currentTaskContainer.current?.offsetHeight : undefined,
-        })}
-      >
-        <Card.Content sx={() => ({ flex: 1 })}>
-          <LoadingCardContainer />
-        </Card.Content>
-        <Card.Footer />
-      </Card.Root>
-    );
-  }
-
+  const shouldAutoNavigateAwayRef = useRef<boolean>(true);
   return (
-    <SessionTasksContext.Provider value={{ redirectUrlComplete }}>
+    <SessionTasksContext.Provider value={{ redirectUrlComplete, shouldAutoNavigateAway: shouldAutoNavigateAwayRef }}>
       <SessionTasksRoutes />
     </SessionTasksContext.Provider>
   );
diff --git a/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/SetupMfaStartScreen.tsx b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/SetupMfaStartScreen.tsx
new file mode 100644
index 00000000000..3d32f417fc3
--- /dev/null
+++ b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/SetupMfaStartScreen.tsx
@@ -0,0 +1,107 @@
+import type { VerificationStrategy } from '@clerk/shared/types';
+
+import { Actions } from '@/elements/Actions';
+import { useCardState } from '@/elements/contexts';
+import { PreviewButton } from '@/elements/PreviewButton';
+import { AuthApp, Mobile } from '@/icons';
+import { Col, descriptors, Flex, Icon, localizationKeys, Text } from '@/ui/customizables';
+import { Card } from '@/ui/elements/Card';
+import { Header } from '@/ui/elements/Header';
+
+import { MFA_METHODS_TO_STEP } from './constants';
+import { SharedFooterActionForSignOut } from './shared';
+
+type SetupMfaStartScreenProps = {
+  availableMethods: VerificationStrategy[];
+  goToStep: (step: number) => void;
+};
+
+const getMethodIconAndLabel = (method: VerificationStrategy) => {
+  switch (method) {
+    case 'totp':
+      return { icon: <Icon icon={AuthApp} />, label: localizationKeys('taskSetupMfa.start.methodSelection.totp') };
+    case 'phone_code':
+      return {
+        icon: <Icon icon={Mobile} />,
+        label: localizationKeys('taskSetupMfa.start.methodSelection.phoneCode'),
+      };
+    default:
+      return { icon: null, label: null };
+  }
+};
+
+export const SetupMfaStartScreen = (props: SetupMfaStartScreenProps) => {
+  const { availableMethods, goToStep } = props;
+  const card = useCardState();
+
+  return (
+    <Card.Root>
+      <Card.Content sx={t => ({ padding: t.space.$none })}>
+        <Header.Root
+          showLogo
+          sx={t => ({
+            paddingTop: t.space.$8,
+            paddingLeft: t.space.$8,
+            paddingRight: t.space.$8,
+          })}
+        >
+          <Header.Title localizationKey={localizationKeys('taskSetupMfa.start.title')} />
+          <Header.Subtitle localizationKey={localizationKeys('taskSetupMfa.start.subtitle')} />
+        </Header.Root>
+        <Card.Alert>{card.error}</Card.Alert>
+        <Actions
+          role='menu'
+          elementDescriptor={descriptors.taskSetupMfaMethodSelectionItems}
+          sx={t => ({
+            borderTopWidth: t.borderWidths.$normal,
+            borderTopStyle: t.borderStyles.$solid,
+            borderTopColor: t.colors.$borderAlpha100,
+          })}
+        >
+          {availableMethods.map(method => {
+            const { icon, label } = getMethodIconAndLabel(method);
+
+            if (!icon || !label) {
+              return null;
+            }
+
+            return (
+              <PreviewButton
+                elementDescriptor={descriptors.taskSetupMfaMethodSelectionItem}
+                hoverAsFocus
+                block
+                key={method}
+                onClick={() => {
+                  goToStep(MFA_METHODS_TO_STEP[method as keyof typeof MFA_METHODS_TO_STEP]);
+                }}
+              >
+                <Flex sx={t => ({ gap: t.space.$2, alignItems: 'center' })}>
+                  <Flex
+                    sx={t => ({
+                      borderRadius: t.radii.$circle,
+                      borderWidth: t.borderWidths.$normal,
+                      borderStyle: t.borderStyles.$solid,
+                      borderColor: t.colors.$avatarBorder,
+                      padding: t.space.$2,
+                      backgroundColor: t.colors.$neutralAlpha50,
+                    })}
+                  >
+                    {icon}
+                  </Flex>
+                  <Text
+                    variant='buttonLarge'
+                    localizationKey={label}
+                  />
+                </Flex>
+              </PreviewButton>
+            );
+          })}
+        </Actions>
+      </Card.Content>
+
+      <Card.Footer>
+        <SharedFooterActionForSignOut />
+      </Card.Footer>
+    </Card.Root>
+  );
+};
diff --git a/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/SmsCodeFlowScreen.tsx b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/SmsCodeFlowScreen.tsx
new file mode 100644
index 00000000000..ec4bc8d09fc
--- /dev/null
+++ b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/SmsCodeFlowScreen.tsx
@@ -0,0 +1,395 @@
+import { useReverification, useUser } from '@clerk/shared/react';
+import type { PhoneNumberResource, UserResource } from '@clerk/shared/types';
+import React, { useRef } from 'react';
+
+import { useWizard, Wizard } from '@/common';
+import { MfaBackupCodeList } from '@/components/UserProfile/MfaBackupCodeList';
+import { Action, Actions } from '@/elements/Actions';
+import { useCardState } from '@/elements/contexts';
+import { Form } from '@/elements/Form';
+import { FormButtonContainer } from '@/elements/FormButtons';
+import { PreviewButton } from '@/elements/PreviewButton';
+import { type VerificationCodeCardProps, VerificationCodeContent } from '@/elements/VerificationCodeCard';
+import { Add } from '@/icons';
+import { Button, Col, descriptors, Flex, Flow, localizationKeys, Text } from '@/ui/customizables';
+import { Card } from '@/ui/elements/Card';
+import { Header } from '@/ui/elements/Header';
+import { SuccessPage } from '@/ui/elements/SuccessPage';
+import { handleError } from '@/ui/utils/errorHandler';
+import { getFlagEmojiFromCountryIso, parsePhoneString, stringToFormattedPhoneString } from '@/ui/utils/phoneUtils';
+import { useFormControl } from '@/ui/utils/useFormControl';
+
+import { SharedFooterActionForSignOut } from './shared';
+
+type MFAVerifyPhoneForSessionTasksProps = {
+  resourceRef: React.MutableRefObject<PhoneNumberResource | undefined>;
+  onSuccess: () => void;
+  onReset: () => void;
+};
+
+const MFAVerifyPhoneForSessionTasks = (props: MFAVerifyPhoneForSessionTasksProps) => {
+  const { onSuccess, resourceRef, onReset } = props;
+  const card = useCardState();
+  const phone = resourceRef.current;
+  const setReservedForSecondFactor = useReverification(() => phone?.setReservedForSecondFactor({ reserved: true }));
+
+  const prepare = () => {
+    return resourceRef.current?.prepareVerification?.()?.catch(err => handleError(err, [], card.setError));
+  };
+
+  const enableMfa = async () => {
+    card.setLoading(phone?.id);
+    try {
+      const result = await setReservedForSecondFactor();
+      resourceRef.current = result;
+      onSuccess();
+    } catch (err) {
+      handleError(err as Error, [], card.setError);
+    } finally {
+      card.setIdle();
+    }
+  };
+
+  React.useEffect(() => {
+    void prepare();
+  }, []);
+
+  const action: VerificationCodeCardProps['onCodeEntryFinishedAction'] = (code, resolve, reject) => {
+    void resourceRef.current
+      ?.attemptVerification({ code: code })
+      .then(async () => {
+        await resolve();
+        enableMfa();
+      })
+      .catch(reject);
+  };
+
+  return (
+    <Card.Content>
+      <VerificationCodeContent
+        cardTitle={localizationKeys('taskSetupMfa.smsCode.verifyPhone.title')}
+        cardSubtitle={localizationKeys('taskSetupMfa.smsCode.verifyPhone.subtitle')}
+        safeIdentifier={resourceRef.current?.phoneNumber || ''}
+        inputLabel={localizationKeys('taskSetupMfa.smsCode.verifyPhone.formTitle')}
+        resendButton={localizationKeys('taskSetupMfa.smsCode.verifyPhone.resendButton')}
+        badgeText={localizationKeys('taskSetupMfa.badge')}
+        onCodeEntryFinishedAction={action}
+        onResendCodeClicked={prepare}
+        onIdentityPreviewEditClicked={() => onReset()}
+        onBackLinkClicked={() => onReset()}
+        backLinkLabel={localizationKeys('taskSetupMfa.smsCode.cancel')}
+      />
+    </Card.Content>
+  );
+};
+
+type AddPhoneForSessionTasksProps = {
+  resourceRef: React.MutableRefObject<PhoneNumberResource | undefined>;
+  onSuccess: () => void;
+  onReset: () => void;
+  onUseExistingNumberClick: () => void;
+};
+
+const AddPhoneForSessionTasks = (props: AddPhoneForSessionTasksProps) => {
+  const { resourceRef, onSuccess, onReset } = props;
+  const card = useCardState();
+  const { user } = useUser();
+  const createPhoneNumber = useReverification(
+    (user: UserResource, opt: Parameters<UserResource['createPhoneNumber']>[0]) => user.createPhoneNumber(opt),
+  );
+
+  const phoneField = useFormControl('phoneNumber', '', {
+    type: 'tel',
+    label: localizationKeys('formFieldLabel__phoneNumber'),
+    isRequired: true,
+  });
+
+  const canSubmit = phoneField.value.length > 1 && user?.username !== phoneField.value;
+
+  const addPhone = async (e: React.FormEvent) => {
+    e.preventDefault();
+    if (!user) {
+      return;
+    }
+    card.runAsync(async () => {
+      try {
+        const res = await createPhoneNumber(user, { phoneNumber: phoneField.value });
+        resourceRef.current = res;
+        onSuccess();
+      } catch (e) {
+        handleError(e as Error, [phoneField], card.setError);
+      }
+    });
+  };
+
+  return (
+    <Card.Content>
+      <Header.Root badgeText={localizationKeys('taskSetupMfa.badge')}>
+        <Header.Title localizationKey={localizationKeys('taskSetupMfa.smsCode.addPhoneNumber')} />
+        <Header.Subtitle localizationKey={localizationKeys('taskSetupMfa.smsCode.addPhone.infoText')} />
+      </Header.Root>
+      <Card.Alert>{card.error}</Card.Alert>
+      <Form.Root onSubmit={e => void addPhone(e)}>
+        <Form.ControlRow elementId={phoneField.id}>
+          <Form.PhoneInput
+            {...phoneField.props}
+            autoFocus
+          />
+        </Form.ControlRow>
+        <FormButtonContainer
+          sx={theme => ({
+            flexDirection: 'column',
+            gap: theme.space.$4,
+          })}
+        >
+          <Form.SubmitButton
+            hasArrow
+            isDisabled={!canSubmit}
+            localizationKey={localizationKeys('taskSetupMfa.smsCode.addPhone.formButtonPrimary')}
+          />
+          <Form.ResetButton
+            localizationKey={localizationKeys('taskSetupMfa.smsCode.cancel')}
+            onClick={onReset}
+          />
+        </FormButtonContainer>
+      </Form.Root>
+    </Card.Content>
+  );
+};
+
+type SuccessScreenProps = {
+  resourceRef: React.MutableRefObject<PhoneNumberResource | undefined>;
+  onFinish: () => void;
+};
+
+const SuccessScreen = (props: SuccessScreenProps) => {
+  const { resourceRef, onFinish } = props;
+
+  return (
+    <Card.Content>
+      <SuccessPage
+        title={localizationKeys('taskSetupMfa.smsCode.success.title')}
+        subtitle={localizationKeys('taskSetupMfa.smsCode.success.message1')}
+        headerBadgeText={localizationKeys('taskSetupMfa.badge')}
+        onFinish={onFinish}
+        contents={
+          <MfaBackupCodeList
+            backupCodes={resourceRef.current?.backupCodes}
+            subtitle={localizationKeys('taskSetupMfa.smsCode.success.message2')}
+          />
+        }
+        finishLabel={localizationKeys('taskSetupMfa.smsCode.success.finishButton')}
+        finishButtonProps={{
+          block: true,
+          hasArrow: true,
+        }}
+      />
+    </Card.Content>
+  );
+};
+
+type PhoneItemProps = {
+  phone: PhoneNumberResource;
+  onSuccess: () => void;
+  onUnverifiedPhoneClick: (phone: PhoneNumberResource) => void;
+  resourceRef: React.MutableRefObject<PhoneNumberResource | undefined>;
+};
+
+const PhoneItem = ({ phone, onSuccess, onUnverifiedPhoneClick, resourceRef }: PhoneItemProps) => {
+  const card = useCardState();
+  const setReservedForSecondFactor = useReverification(() => phone.setReservedForSecondFactor({ reserved: true }));
+
+  const { iso } = parsePhoneString(phone.phoneNumber);
+  const flag = getFlagEmojiFromCountryIso(iso);
+  const formattedPhone = stringToFormattedPhoneString(phone.phoneNumber);
+
+  const handleSelect = async () => {
+    if (phone.verification.status !== 'verified') {
+      return onUnverifiedPhoneClick(phone);
+    }
+
+    card.setLoading(phone.id);
+    try {
+      const result = await setReservedForSecondFactor();
+      resourceRef.current = result;
+      onSuccess();
+    } catch (err) {
+      handleError(err as Error, [], card.setError);
+    } finally {
+      card.setIdle();
+    }
+  };
+
+  return (
+    <PreviewButton
+      isLoading={card.loadingMetadata === phone.id}
+      hoverAsFocus
+      block
+      elementDescriptor={descriptors.taskSetupMfaPhoneSelectionItem}
+      sx={t => ({
+        padding: `${t.space.$4} ${t.space.$6}`,
+      })}
+      onClick={() => void handleSelect()}
+    >
+      <Flex sx={t => ({ gap: t.space.$4, alignItems: 'center' })}>
+        <Text sx={t => ({ fontSize: t.fontSizes.$lg })}>{flag}</Text>
+        <Text variant='buttonLarge'>{formattedPhone}</Text>
+      </Flex>
+    </PreviewButton>
+  );
+};
+
+type SmsCodeScreenProps = {
+  onSuccess: () => void;
+  onReset: () => void;
+  onAddPhoneClick: () => void;
+  onUnverifiedPhoneClick: (phone: PhoneNumberResource) => void;
+  resourceRef: React.MutableRefObject<PhoneNumberResource | undefined>;
+  availablePhones: PhoneNumberResource[];
+};
+
+const SmsCodeScreen = (props: SmsCodeScreenProps) => {
+  const { onSuccess, onReset, onAddPhoneClick, onUnverifiedPhoneClick, resourceRef } = props;
+  const { user } = useUser();
+  const card = useCardState();
+
+  if (!user) {
+    return null;
+  }
+
+  const availablePhones = user.phoneNumbers.filter(p => !p.reservedForSecondFactor);
+
+  return (
+    <Flow.Part part='phoneCode'>
+      <Card.Content sx={t => ({ padding: t.space.$none })}>
+        <Header.Root
+          showLogo
+          badgeText={localizationKeys('taskSetupMfa.badge')}
+          sx={t => ({
+            paddingTop: t.space.$8,
+            paddingLeft: t.space.$8,
+            paddingRight: t.space.$8,
+          })}
+        >
+          <Header.Title localizationKey={localizationKeys('taskSetupMfa.smsCode.title')} />
+          <Header.Subtitle localizationKey={localizationKeys('taskSetupMfa.smsCode.subtitle')} />
+        </Header.Root>
+        <Card.Alert>{card.error}</Card.Alert>
+        <Col>
+          <Actions
+            role='menu'
+            elementDescriptor={descriptors.taskSetupMfaPhoneSelectionItems}
+            sx={t => ({
+              borderTopWidth: t.borderWidths.$normal,
+              borderTopStyle: t.borderStyles.$solid,
+              borderTopColor: t.colors.$borderAlpha100,
+            })}
+          >
+            {availablePhones?.map(phone => (
+              <PhoneItem
+                key={phone.id}
+                phone={phone}
+                onSuccess={onSuccess}
+                onUnverifiedPhoneClick={onUnverifiedPhoneClick}
+                resourceRef={resourceRef}
+              />
+            ))}
+            <Action
+              hoverAsFocus
+              label={localizationKeys('taskSetupMfa.smsCode.addPhoneNumber')}
+              block
+              onClick={onAddPhoneClick}
+              icon={Add}
+              elementDescriptor={descriptors.taskSetupMfaPhoneSelectionAddPhoneAction}
+              sx={t => ({
+                borderTopWidth: t.borderWidths.$normal,
+                borderTopStyle: t.borderStyles.$solid,
+                borderTopColor: t.colors.$borderAlpha100,
+                padding: `${t.space.$4} ${t.space.$4}`,
+                gap: t.space.$2,
+              })}
+              iconSx={t => ({
+                width: t.sizes.$8,
+                height: t.sizes.$6,
+              })}
+            />
+          </Actions>
+          <Flex
+            justify='center'
+            sx={t => ({
+              borderTopWidth: t.borderWidths.$normal,
+              borderTopStyle: t.borderStyles.$solid,
+              borderTopColor: t.colors.$borderAlpha100,
+              padding: t.space.$4,
+            })}
+          >
+            <Button
+              variant='ghost'
+              onClick={onReset}
+              block
+              elementDescriptor={descriptors.formButtonReset}
+              localizationKey={localizationKeys('taskSetupMfa.smsCode.cancel')}
+            />
+          </Flex>
+        </Col>
+      </Card.Content>
+    </Flow.Part>
+  );
+};
+
+type SmsCodeFlowProps = {
+  onSuccess: () => void;
+  goToStartStep: () => void;
+};
+
+export const SmsCodeFlow = (props: SmsCodeFlowProps) => {
+  const { onSuccess, goToStartStep } = props;
+  const { user } = useUser();
+
+  const ref = useRef<PhoneNumberResource>();
+  const availablePhones = user?.phoneNumbers.filter(p => !p.reservedForSecondFactor) || [];
+  const wizard = useWizard({ defaultStep: availablePhones.length > 0 ? 2 : 0 });
+
+  return (
+    <Card.Root>
+      <Wizard
+        {...wizard.props}
+        animate={false}
+      >
+        {/* Step 0: Add new phone (default if no available phones) */}
+        <AddPhoneForSessionTasks
+          resourceRef={ref}
+          onSuccess={wizard.nextStep}
+          onUseExistingNumberClick={() => wizard.goToStep(2)}
+          onReset={() => (availablePhones.length > 0 ? wizard.goToStep(2) : goToStartStep())}
+        />
+        {/* Step 1: Verify phone */}
+        <MFAVerifyPhoneForSessionTasks
+          resourceRef={ref}
+          onSuccess={() => wizard.goToStep(3)}
+          onReset={() => wizard.goToStep(2)}
+        />
+        {/* Step 2: Phone selection (default if available phones) */}
+        <SmsCodeScreen
+          availablePhones={availablePhones}
+          onSuccess={wizard.nextStep}
+          onReset={goToStartStep}
+          onAddPhoneClick={() => wizard.goToStep(0)}
+          onUnverifiedPhoneClick={(phone: PhoneNumberResource) => {
+            ref.current = phone;
+            wizard.goToStep(1);
+          }}
+          resourceRef={ref}
+        />
+        {/* Step 3: Success with backup codes */}
+        <SuccessScreen
+          resourceRef={ref}
+          onFinish={onSuccess}
+        />
+      </Wizard>
+      <Card.Footer>
+        <SharedFooterActionForSignOut />
+      </Card.Footer>
+    </Card.Root>
+  );
+};
diff --git a/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/TOTPCodeFlowScreen.tsx b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/TOTPCodeFlowScreen.tsx
new file mode 100644
index 00000000000..ed0fbd14aff
--- /dev/null
+++ b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/TOTPCodeFlowScreen.tsx
@@ -0,0 +1,285 @@
+import { useClerk, useReverification, useUser } from '@clerk/shared/react';
+import type { TOTPResource } from '@clerk/shared/types';
+import React, { useRef } from 'react';
+
+import { QRCode, useWizard, Wizard } from '@/common';
+import { MfaBackupCodeList } from '@/components/UserProfile/MfaBackupCodeList';
+import { useRouter } from '@/router';
+import { Button, Col, descriptors, Flex, localizationKeys, Text } from '@/ui/customizables';
+import { Card } from '@/ui/elements/Card';
+import { SuccessPage } from '@/ui/elements/SuccessPage';
+import { SharedFooterActionForSignOut } from './shared';
+import { useCardState, withCardStateProvider } from '@/elements/contexts';
+import { FormContainer } from '@/elements/FormContainer';
+import { useFieldOTP } from '@/elements/CodeControl';
+import { Form } from '@/elements/Form';
+import { FormButtonContainer } from '@/elements/FormButtons';
+import { handleError } from '@/utils/errorHandler';
+import { FullHeightLoader } from '@/elements/FullHeightLoader';
+import { ClipboardInput } from '@/elements/ClipboardInput';
+import { isClerkRuntimeError } from '@clerk/shared/error';
+import { Check, ClipboardOutline } from '@/icons';
+
+type SuccessScreenProps = {
+  resourceRef: React.MutableRefObject<TOTPResource | undefined>;
+  onFinish: () => void;
+};
+
+type VerifyTOTPProps = {
+  onSuccess: () => void;
+  onReset: () => void;
+  resourceRef: React.MutableRefObject<TOTPResource | undefined>;
+};
+
+type AddAuthenticatorAppProps = {
+  onSuccess: () => void;
+  onReset: () => void;
+};
+
+type DisplayFormat = 'qr' | 'uri';
+
+export const AddAuthenticatorApp = withCardStateProvider((props: AddAuthenticatorAppProps) => {
+  const { onSuccess, onReset } = props;
+  const { user } = useUser();
+  const card = useCardState();
+  const createTOTP = useReverification(() => user?.createTOTP());
+  const [totp, setTOTP] = React.useState<TOTPResource | undefined>(undefined);
+  const [displayFormat, setDisplayFormat] = React.useState<DisplayFormat>('qr');
+
+  React.useEffect(() => {
+    if (!user) {
+      return;
+    }
+
+    void createTOTP()
+      .then(totp => setTOTP(totp))
+      .catch(err => {
+        if (isClerkRuntimeError(err) && err.code === 'reverification_cancelled') {
+          return close();
+        }
+        return handleError(err, [], card.setError);
+      });
+  }, []);
+
+  return (
+    <>
+      <FormContainer
+        headerTitle={localizationKeys('taskSetupMfa.totpCode.title')}
+        headerTitleTextVariant='h2'
+        headerSubtitle={
+          displayFormat == 'qr'
+            ? localizationKeys('taskSetupMfa.totpCode.addAuthenticatorApp.infoText__ableToScan')
+            : localizationKeys('taskSetupMfa.totpCode.addAuthenticatorApp.infoText__unableToScan')
+        }
+        badgeText={localizationKeys('taskSetupMfa.badge')}
+      >
+        {!totp && <FullHeightLoader />}
+
+        {totp && (
+          <>
+            <Col gap={4}>
+              {displayFormat == 'qr' && (
+                <QRCode
+                  justify='center'
+                  url={totp.uri || ''}
+                />
+              )}
+
+              {displayFormat == 'uri' && (
+                <>
+                  <Text
+                    colorScheme='secondary'
+                    localizationKey={localizationKeys(
+                      'taskSetupMfa.totpCode.addAuthenticatorApp.inputLabel__unableToScan1',
+                    )}
+                  />
+
+                  <ClipboardInput
+                    value={totp.secret}
+                    copyIcon={ClipboardOutline}
+                    copiedIcon={Check}
+                  />
+                </>
+              )}
+            </Col>
+            <Col
+              sx={theme => ({
+                gap: theme.space.$8,
+              })}
+            >
+              {displayFormat == 'qr' && (
+                <Button
+                  variant='outline'
+                  textVariant='buttonLarge'
+                  onClick={() => setDisplayFormat('uri')}
+                  localizationKey={localizationKeys(
+                    'taskSetupMfa.totpCode.addAuthenticatorApp.buttonUnableToScan__nonPrimary',
+                  )}
+                />
+              )}
+              {displayFormat == 'uri' && (
+                <Button
+                  variant='outline'
+                  block
+                  textVariant='buttonLarge'
+                  onClick={() => setDisplayFormat('qr')}
+                  localizationKey={localizationKeys(
+                    'taskSetupMfa.totpCode.addAuthenticatorApp.buttonAbleToScan__nonPrimary',
+                  )}
+                />
+              )}
+              <FormButtonContainer
+                sx={theme => ({
+                  flexDirection: 'column',
+                  gap: theme.space.$4,
+                })}
+              >
+                <Button
+                  block
+                  onClick={onSuccess}
+                  hasArrow
+                  localizationKey={localizationKeys('taskSetupMfa.totpCode.addAuthenticatorApp.formButtonPrimary')}
+                  elementDescriptor={descriptors.formButtonPrimary}
+                />
+
+                <Button
+                  block
+                  variant='ghost'
+                  onClick={onReset}
+                  localizationKey={localizationKeys('taskSetupMfa.totpCode.addAuthenticatorApp.formButtonReset')}
+                  elementDescriptor={descriptors.formButtonReset}
+                />
+              </FormButtonContainer>
+            </Col>
+          </>
+        )}
+      </FormContainer>
+    </>
+  );
+});
+
+export const VerifyTOTP = withCardStateProvider((props: VerifyTOTPProps) => {
+  const { onSuccess, onReset, resourceRef } = props;
+  const { user } = useUser();
+
+  const otp = useFieldOTP<TOTPResource>({
+    onCodeEntryFinished: (code, resolve, reject) => {
+      user
+        ?.verifyTOTP({ code })
+        .then((totp: TOTPResource) => resolve(totp))
+        .catch(reject);
+    },
+    onResolve: a => {
+      resourceRef.current = a;
+      onSuccess();
+    },
+  });
+
+  return (
+    <FormContainer
+      headerTitle={localizationKeys('taskSetupMfa.totpCode.verifyTotp.title')}
+      headerTitleTextVariant='h2'
+      headerSubtitle={localizationKeys('taskSetupMfa.totpCode.verifyTotp.subtitle')}
+      badgeText={localizationKeys('taskSetupMfa.badge')}
+    >
+      <Col>
+        <Form.OTPInput
+          {...otp}
+          label={localizationKeys('taskSetupMfa.totpCode.verifyTotp.formTitle')}
+          description={localizationKeys('taskSetupMfa.totpCode.verifyTotp.subtitle')}
+        />
+      </Col>
+
+      <FormButtonContainer
+        sx={theme => ({
+          flexDirection: 'column',
+          gap: theme.space.$4,
+        })}
+      >
+        <Button
+          onClick={() => otp.onFakeContinue()}
+          isDisabled={otp.isLoading}
+          hasArrow
+          block
+          localizationKey={localizationKeys('taskSetupMfa.totpCode.verifyTotp.formButtonPrimary')}
+          elementDescriptor={descriptors.formButtonPrimary}
+        />
+        <Button
+          onClick={() => onReset?.()}
+          variant='ghost'
+          block
+          isDisabled={otp.isLoading}
+          localizationKey={localizationKeys('taskSetupMfa.totpCode.verifyTotp.formButtonReset')}
+          elementDescriptor={descriptors.formButtonReset}
+        />
+      </FormButtonContainer>
+    </FormContainer>
+  );
+});
+
+const SuccessScreen = (props: SuccessScreenProps) => {
+  const { resourceRef, onFinish } = props;
+
+  return (
+    <SuccessPage
+      title={localizationKeys('taskSetupMfa.totpCode.success.title')}
+      subtitle={localizationKeys('taskSetupMfa.totpCode.success.message1')}
+      headerBadgeText={localizationKeys('taskSetupMfa.badge')}
+      onFinish={onFinish}
+      contents={
+        <MfaBackupCodeList
+          backupCodes={resourceRef.current?.backupCodes}
+          subtitle={localizationKeys('taskSetupMfa.totpCode.success.message2')}
+        />
+      }
+      finishLabel={localizationKeys('taskSetupMfa.totpCode.success.finishButton')}
+      finishButtonProps={{
+        block: true,
+        hasArrow: true,
+      }}
+    />
+  );
+};
+
+type TOTPCodeFlowProps = {
+  onSuccess: () => void;
+  goToStartStep: () => void;
+};
+
+export const TOTPCodeFlow = (props: TOTPCodeFlowProps) => {
+  const { onSuccess, goToStartStep } = props;
+
+  const ref = useRef<TOTPResource>();
+  const wizard = useWizard({ defaultStep: 0 });
+
+  return (
+    <Card.Root>
+      <Card.Content>
+        <Wizard
+          {...wizard.props}
+          animate={false}
+        >
+          {/* Step 0: Add new authenticator app (default if no available authenticator apps) */}
+          <AddAuthenticatorApp
+            onSuccess={() => wizard.goToStep(1)}
+            onReset={goToStartStep}
+          />
+          {/* Step 1: Verify TOTP */}
+          <VerifyTOTP
+            onSuccess={() => wizard.goToStep(2)}
+            onReset={() => wizard.goToStep(0)}
+            resourceRef={ref}
+          />
+          {/* Step 3: Success with backup codes */}
+          <SuccessScreen
+            resourceRef={ref}
+            onFinish={onSuccess}
+          />
+        </Wizard>
+      </Card.Content>
+      <Card.Footer>
+        <SharedFooterActionForSignOut />
+      </Card.Footer>
+    </Card.Root>
+  );
+};
diff --git a/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/__tests__/TaskSetupMfa.test.tsx b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/__tests__/TaskSetupMfa.test.tsx
new file mode 100644
index 00000000000..11e2e825d15
--- /dev/null
+++ b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/__tests__/TaskSetupMfa.test.tsx
@@ -0,0 +1,892 @@
+import { ClerkAPIResponseError } from '@clerk/shared/error';
+import type { PhoneNumberResource, TOTPResource } from '@clerk/shared/types';
+import { describe, expect, it, test, vi } from 'vitest';
+
+import { bindCreateFixtures } from '@/test/create-fixtures';
+import { act, render, screen, waitFor } from '@/test/utils';
+
+import { TaskSetupMFA } from '..';
+
+const { createFixtures } = bindCreateFixtures('TaskSetupMFA');
+
+describe('TaskSetupMFA', () => {
+  describe('task guard', () => {
+    it('does not render component without existing session task', async () => {
+      const { wrapper } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+        });
+        f.withAuthenticatorApp();
+      });
+
+      const { queryByText, queryByRole } = render(<TaskSetupMFA />, { wrapper });
+
+      expect(queryByText('Set up two-step verification')).not.toBeInTheDocument();
+      expect(queryByRole('link', { name: /sign out/i })).not.toBeInTheDocument();
+    });
+
+    it('renders component when session task exists', async () => {
+      const { wrapper } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+      });
+
+      const { queryByText, queryByRole } = render(<TaskSetupMFA />, { wrapper });
+
+      expect(queryByText('Set up two-step verification')).toBeInTheDocument();
+      expect(queryByRole('link', { name: /sign out/i })).toBeInTheDocument();
+    });
+  });
+
+  describe('main flow', () => {
+    it('should render SMS code and TOTP items on the first screen if both are enabled', async () => {
+      const { wrapper } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      const { getByRole } = render(<TaskSetupMFA />, { wrapper });
+
+      expect(getByRole('button', { name: /authenticator application/i })).toBeInTheDocument();
+      expect(getByRole('button', { name: /sms code/i })).toBeInTheDocument();
+    });
+
+    it('should render SMS code item on the first screen if only SMS code is enabled', async () => {
+      const { wrapper } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      const { getByRole, queryByRole } = render(<TaskSetupMFA />, { wrapper });
+
+      expect(queryByRole('button', { name: /authenticator application/i })).not.toBeInTheDocument();
+      expect(getByRole('button', { name: /sms code/i })).toBeInTheDocument();
+    });
+
+    it('should render TOTP item on the first screen if only TOTP is enabled', async () => {
+      const { wrapper } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+      });
+
+      const { getByRole, queryByRole } = render(<TaskSetupMFA />, { wrapper });
+
+      expect(getByRole('button', { name: /authenticator application/i })).toBeInTheDocument();
+      expect(queryByRole('button', { name: /sms code/i })).not.toBeInTheDocument();
+    });
+  });
+  describe('authenticator application', () => {
+    it('should render the initial screen with the qr code', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+      });
+
+      fixtures.clerk.user?.createTOTP.mockResolvedValue({
+        uri: 'otpauth://totp/Test:test@clerk.com?secret=TESTSECRET&issuer=Test',
+        secret: 'TESTSECRET',
+      } as TOTPResource);
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /authenticator application/i }));
+      });
+
+      await findByText('Add authenticator application');
+      await findByText(/scan the following QR code/i);
+      expect(getByRole('button', { name: /can't scan qr code/i })).toBeInTheDocument();
+    });
+
+    test('clicking the "cant scan qr code" button should render the screen with the uri', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+      });
+
+      fixtures.clerk.user?.createTOTP.mockResolvedValue({
+        uri: 'otpauth://totp/Test:test@clerk.com?secret=TESTSECRET&issuer=Test',
+        secret: 'TESTSECRET',
+      } as TOTPResource);
+
+      const { getByRole, findByText, userEvent, queryByText } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /authenticator application/i }));
+      });
+
+      await findByText('Add authenticator application');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /can't scan qr code/i }));
+      });
+
+      await findByText(/Set up a new sign-in method in your authenticator and enter the Key provided below/i);
+      expect(queryByText(/scan the following QR code/i)).not.toBeInTheDocument();
+      expect(getByRole('button', { name: /scan qr code instead/i })).toBeInTheDocument();
+    });
+
+    test('clicking continue button should navigate to the verification screen', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+      });
+
+      fixtures.clerk.user?.createTOTP.mockResolvedValue({
+        uri: 'otpauth://totp/Test:test@clerk.com?secret=TESTSECRET&issuer=Test',
+        secret: 'TESTSECRET',
+      } as TOTPResource);
+
+      const { getByRole, findByText, findByLabelText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /authenticator application/i }));
+      });
+
+      await findByText('Add authenticator application');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /continue/i }));
+      });
+
+      await findByText(/enter verification code generated by your authenticator/i);
+      await findByLabelText(/verification code/i);
+    });
+
+    test('completing TOTP verification should show success screen with backup codes', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+        f.withBackupCode();
+      });
+
+      fixtures.clerk.user?.createTOTP.mockResolvedValue({
+        uri: 'otpauth://totp/Test:test@clerk.com?secret=TESTSECRET&issuer=Test',
+        secret: 'TESTSECRET',
+      } as TOTPResource);
+
+      fixtures.clerk.user?.verifyTOTP.mockResolvedValue({
+        backupCodes: ['code1', 'code2', 'code3'],
+      } as TOTPResource);
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /authenticator application/i }));
+      });
+
+      await findByText('Add authenticator application');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /continue/i }));
+      });
+
+      await findByText(/enter verification code generated by your authenticator/i);
+
+      await userEvent.type(screen.getByLabelText(/verification code/i), '123456');
+
+      await waitFor(() => {
+        expect(fixtures.clerk.user?.verifyTOTP).toHaveBeenCalledWith({ code: '123456' });
+      });
+
+      await findByText(/authenticator application verification enabled/i);
+      await findByText(/save these backup codes/i);
+    });
+
+    test('completing TOTP verification should show simple success screen when backup codes are not enabled', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+      });
+
+      fixtures.clerk.user?.createTOTP.mockResolvedValue({
+        uri: 'otpauth://totp/Test:test@clerk.com?secret=TESTSECRET&issuer=Test',
+        secret: 'TESTSECRET',
+      } as TOTPResource);
+
+      fixtures.clerk.user?.verifyTOTP.mockResolvedValue({} as TOTPResource);
+
+      const { getByRole, findByText, queryByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /authenticator application/i }));
+      });
+
+      await findByText('Add authenticator application');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /continue/i }));
+      });
+
+      await findByText(/enter verification code generated by your authenticator/i);
+
+      await userEvent.type(screen.getByLabelText(/verification code/i), '123456');
+
+      await waitFor(() => {
+        expect(fixtures.clerk.user?.verifyTOTP).toHaveBeenCalledWith({ code: '123456' });
+      });
+
+      await findByText(/authenticator application verification enabled/i);
+      expect(queryByText(/save these backup codes/i)).not.toBeInTheDocument();
+    });
+
+    test('clicking "scan qr code instead" should switch back from URI view to QR code', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+      });
+
+      fixtures.clerk.user?.createTOTP.mockResolvedValue({
+        uri: 'otpauth://totp/Test:test@clerk.com?secret=TESTSECRET&issuer=Test',
+        secret: 'TESTSECRET',
+      } as TOTPResource);
+
+      const { getByRole, findByText, queryByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /authenticator application/i }));
+      });
+
+      await findByText('Add authenticator application');
+
+      // Switch to URI view
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /can't scan qr code/i }));
+      });
+
+      await findByText(/Set up a new sign-in method in your authenticator and enter the Key provided below/i);
+      expect(queryByText(/scan the following QR code/i)).not.toBeInTheDocument();
+
+      // Switch back to QR code view
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /scan qr code instead/i }));
+      });
+
+      await findByText(/scan the following QR code/i);
+      expect(
+        queryByText(/Set up a new sign-in method in your authenticator and enter the Key provided below/i),
+      ).not.toBeInTheDocument();
+      expect(getByRole('button', { name: /can't scan qr code/i })).toBeInTheDocument();
+    });
+
+    it('should navigate back to main selection when clicking cancel from TOTP flow', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      fixtures.clerk.user?.createTOTP.mockResolvedValue({
+        uri: 'otpauth://totp/Test:test@clerk.com?secret=TESTSECRET&issuer=Test',
+        secret: 'TESTSECRET',
+      } as TOTPResource);
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /authenticator application/i }));
+      });
+
+      await findByText('Add authenticator application');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /cancel/i }));
+      });
+
+      // Should be back on main selection screen
+      expect(getByRole('button', { name: /authenticator application/i })).toBeInTheDocument();
+      expect(getByRole('button', { name: /sms code/i })).toBeInTheDocument();
+    });
+
+    it('should display error when createTOTP fails', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+      });
+
+      fixtures.clerk.user?.createTOTP.mockRejectedValueOnce(
+        new ClerkAPIResponseError('Error', {
+          data: [
+            {
+              code: 'totp_already_enabled',
+              long_message: 'TOTP is already enabled for this user',
+              message: 'TOTP already enabled',
+              meta: {},
+            },
+          ],
+          status: 422,
+        }),
+      );
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /authenticator application/i }));
+      });
+
+      await findByText(/TOTP is already enabled for this user/i);
+    });
+
+    it('should display error when verifyTOTP fails with incorrect code', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withAuthenticatorApp({ enabled: true });
+      });
+
+      fixtures.clerk.user?.createTOTP.mockResolvedValue({
+        uri: 'otpauth://totp/Test:test@clerk.com?secret=TESTSECRET&issuer=Test',
+        secret: 'TESTSECRET',
+      } as TOTPResource);
+
+      fixtures.clerk.user?.verifyTOTP.mockRejectedValueOnce(
+        new ClerkAPIResponseError('Error', {
+          data: [
+            {
+              code: 'form_code_incorrect',
+              long_message: 'Incorrect authenticator code',
+              message: 'is incorrect',
+              meta: { param_name: 'code' },
+            },
+          ],
+          status: 422,
+        }),
+      );
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /authenticator application/i }));
+      });
+
+      await findByText('Add authenticator application');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /continue/i }));
+      });
+
+      await findByText(/enter verification code generated by your authenticator/i);
+
+      await userEvent.type(screen.getByLabelText(/verification code/i), '123456');
+
+      await waitFor(() => {
+        expect(fixtures.clerk.user?.verifyTOTP).toHaveBeenCalledWith({ code: '123456' });
+      });
+
+      expect(await screen.findByTestId('form-feedback-error')).toHaveTextContent(/Incorrect authenticator code/i);
+    });
+  });
+
+  describe('sms code', () => {
+    it('should render the phone selection screen when clicking SMS code button', async () => {
+      const { wrapper } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          phone_numbers: [{ phone_number: '+306911111111', id: 'phone_1' }],
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add sms code verification');
+      await findByText(/choose phone number you want to use/i);
+      await findByText(/\+30 691 1111111/i);
+      expect(getByRole('menuitem', { name: /add phone number/i })).toBeInTheDocument();
+    });
+
+    it('should show add phone screen when no existing phone numbers', async () => {
+      const { wrapper } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add phone number');
+      await findByText(/a text message containing a verification code/i);
+    });
+
+    it('clicking add phone number should navigate to add phone screen', async () => {
+      const { wrapper } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          phone_numbers: [{ phone_number: '+306911111111', id: 'phone_1' }],
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add sms code verification');
+
+      await act(async () => {
+        await userEvent.click(getByRole('menuitem', { name: /add phone number/i }));
+      });
+
+      await findByText('Add phone number');
+      await findByText(/a text message containing a verification code/i);
+    });
+
+    test('completing SMS code verification should show success screen with backup codes', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          phone_numbers: [
+            {
+              phone_number: '+306911111111',
+              id: 'phone_1',
+              verification: { status: 'verified', strategy: 'phone_code' },
+            },
+          ],
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+        f.withBackupCode();
+      });
+
+      fixtures.clerk.user?.phoneNumbers[0].setReservedForSecondFactor.mockResolvedValue({
+        backupCodes: ['code1', 'code2', 'code3'],
+      } as PhoneNumberResource);
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add sms code verification');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /\+30 691 1111111/i }));
+      });
+
+      expect(fixtures.clerk.user?.phoneNumbers[0].setReservedForSecondFactor).toHaveBeenCalledWith({
+        reserved: true,
+      });
+
+      await findByText(/sms code verification enabled/i);
+      await findByText(/save these backup codes/i);
+    });
+
+    test('completing SMS code verification should show simple success screen when backup codes are not enabled', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          phone_numbers: [
+            {
+              phone_number: '+306911111111',
+              id: 'phone_1',
+              verification: { status: 'verified', strategy: 'phone_code' },
+            },
+          ],
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      fixtures.clerk.user?.phoneNumbers[0].setReservedForSecondFactor.mockResolvedValue({} as PhoneNumberResource);
+
+      const { getByRole, findByText, queryByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add sms code verification');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /\+30 691 1111111/i }));
+      });
+
+      expect(fixtures.clerk.user?.phoneNumbers[0].setReservedForSecondFactor).toHaveBeenCalledWith({
+        reserved: true,
+      });
+
+      await findByText(/sms code verification enabled/i);
+      expect(queryByText(/save these backup codes/i)).not.toBeInTheDocument();
+    });
+
+    it('should not display phones already reserved for 2FA', async () => {
+      const { wrapper } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          phone_numbers: [
+            {
+              phone_number: '+306911111111',
+              id: 'phone_1',
+              verification: { status: 'verified', strategy: 'phone_code' },
+              reserved_for_second_factor: true,
+            },
+            {
+              phone_number: '+306922222222',
+              id: 'phone_2',
+              verification: { status: 'verified', strategy: 'phone_code' },
+              reserved_for_second_factor: false,
+            },
+          ],
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      const { getByRole, findByText, queryByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add sms code verification');
+
+      // Phone already reserved for 2FA should not be shown
+      expect(queryByText(/\+30 691 1111111/i)).not.toBeInTheDocument();
+      // Phone not reserved should be shown
+      await findByText(/\+30 692 2222222/i);
+    });
+
+    it('should navigate back to main selection when clicking cancel from SMS code flow', async () => {
+      const { wrapper } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          phone_numbers: [{ phone_number: '+306911111111', id: 'phone_1' }],
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+        f.withAuthenticatorApp({ enabled: true });
+      });
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add sms code verification');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /cancel/i }));
+      });
+
+      // Should be back on main selection screen
+      expect(getByRole('button', { name: /authenticator application/i })).toBeInTheDocument();
+      expect(getByRole('button', { name: /sms code/i })).toBeInTheDocument();
+    });
+
+    it('should display error when setReservedForSecondFactor fails', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          phone_numbers: [
+            {
+              phone_number: '+306911111111',
+              id: 'phone_1',
+              verification: { status: 'verified', strategy: 'phone_code' },
+            },
+          ],
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      fixtures.clerk.user?.phoneNumbers[0].setReservedForSecondFactor.mockRejectedValueOnce(
+        new ClerkAPIResponseError('Error', {
+          data: [
+            {
+              code: 'identification_update_failed',
+              long_message: 'You cannot set your last identification as second factor.',
+              message: 'Update failed',
+              meta: {},
+            },
+          ],
+          status: 422,
+        }),
+      );
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add sms code verification');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /\+30 691 1111111/i }));
+      });
+
+      expect(fixtures.clerk.user?.phoneNumbers[0].setReservedForSecondFactor).toHaveBeenCalledWith({
+        reserved: true,
+      });
+
+      await findByText(/You cannot set your last identification as second factor/i);
+    });
+
+    it('should allow adding a new phone number and navigate to verification', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      const mockPhoneResource = {
+        id: 'phone_new',
+        phoneNumber: '+16505551234',
+        prepareVerification: vi.fn().mockResolvedValue({}),
+      } as unknown as PhoneNumberResource;
+
+      fixtures.clerk.user?.createPhoneNumber.mockResolvedValue(mockPhoneResource);
+
+      const { getByRole, findByText, getByLabelText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      // Should go directly to add phone screen since user has no phones
+      await findByText('Add phone number');
+
+      await userEvent.type(getByLabelText(/phone number/i), '6505551234');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /continue/i }));
+      });
+
+      expect(fixtures.clerk.user?.createPhoneNumber).toHaveBeenCalledWith({
+        phoneNumber: expect.stringContaining('6505551234'),
+      });
+
+      // Should navigate to verification screen
+      await findByText(/enter the verification code/i);
+    });
+
+    it('should display error when createPhoneNumber fails', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      fixtures.clerk.user?.createPhoneNumber.mockRejectedValueOnce(
+        new ClerkAPIResponseError('Error', {
+          data: [
+            {
+              code: 'phone_number_exists',
+              long_message: 'This phone number is already associated with another account.',
+              message: 'Phone number exists',
+              meta: {},
+            },
+          ],
+          status: 422,
+        }),
+      );
+
+      const { getByRole, findByText, getByLabelText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add phone number');
+
+      await userEvent.type(getByLabelText(/phone number/i), '6505551234');
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /continue/i }));
+      });
+
+      await findByText(/This phone number is already associated with another account/i);
+    });
+
+    it('should verify phone with code and show success', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          phone_numbers: [
+            {
+              phone_number: '+306911111111',
+              id: 'phone_1',
+              verification: { status: 'unverified', strategy: 'phone_code' },
+            },
+          ],
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      fixtures.clerk.user?.phoneNumbers[0].prepareVerification.mockResolvedValue({} as PhoneNumberResource);
+      fixtures.clerk.user?.phoneNumbers[0].attemptVerification.mockResolvedValue({} as PhoneNumberResource);
+      fixtures.clerk.user?.phoneNumbers[0].setReservedForSecondFactor.mockResolvedValue({} as PhoneNumberResource);
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add sms code verification');
+
+      // Click unverified phone to go to verification
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /\+30 691 1111111/i }));
+      });
+
+      await findByText(/enter the verification code/i);
+
+      // Enter verification code
+      await userEvent.type(screen.getByLabelText(/verification code/i), '123456');
+
+      await waitFor(() => {
+        expect(fixtures.clerk.user?.phoneNumbers[0].attemptVerification).toHaveBeenCalledWith({ code: '123456' });
+      });
+
+      await waitFor(() => {
+        expect(fixtures.clerk.user?.phoneNumbers[0].setReservedForSecondFactor).toHaveBeenCalledWith({
+          reserved: true,
+        });
+      });
+
+      await findByText(/sms code verification enabled/i);
+    });
+
+    it('should display error when phone verification code is incorrect', async () => {
+      const { wrapper, fixtures } = await createFixtures(f => {
+        f.withUser({
+          email_addresses: ['test@clerk.com'],
+          identifier: 'test@clerk.com',
+          phone_numbers: [
+            {
+              phone_number: '+306911111111',
+              id: 'phone_1',
+              verification: { status: 'unverified', strategy: 'phone_code' },
+            },
+          ],
+          tasks: [{ key: 'setup-mfa' }],
+        });
+        f.withPhoneNumber({ second_factors: ['phone_code'], used_for_second_factor: true });
+      });
+
+      fixtures.clerk.user?.phoneNumbers[0].prepareVerification.mockResolvedValue({} as PhoneNumberResource);
+      fixtures.clerk.user?.phoneNumbers[0].attemptVerification.mockRejectedValueOnce(
+        new ClerkAPIResponseError('Error', {
+          data: [
+            {
+              code: 'form_code_incorrect',
+              long_message: 'Incorrect phone code',
+              message: 'is incorrect',
+              meta: { param_name: 'code' },
+            },
+          ],
+          status: 422,
+        }),
+      );
+
+      const { getByRole, findByText, userEvent } = render(<TaskSetupMFA />, { wrapper });
+
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /sms code/i }));
+      });
+
+      await findByText('Add sms code verification');
+
+      // Click unverified phone to go to verification
+      await act(async () => {
+        await userEvent.click(getByRole('button', { name: /\+30 691 1111111/i }));
+      });
+
+      await findByText(/enter the verification code/i);
+
+      // Enter incorrect verification code
+      await userEvent.type(screen.getByLabelText(/verification code/i), '000000');
+
+      await waitFor(() => {
+        expect(fixtures.clerk.user?.phoneNumbers[0].attemptVerification).toHaveBeenCalledWith({ code: '000000' });
+      });
+
+      expect(await screen.findByTestId('form-feedback-error')).toHaveTextContent(/Incorrect phone code/i);
+    });
+  });
+});
diff --git a/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/constants.ts b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/constants.ts
new file mode 100644
index 00000000000..5e49dabdc86
--- /dev/null
+++ b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/constants.ts
@@ -0,0 +1,4 @@
+export const MFA_METHODS_TO_STEP: Record<Partial<'phone_code' | 'totp'>, number> = {
+  phone_code: 1,
+  totp: 2,
+};
diff --git a/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/index.tsx b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/index.tsx
new file mode 100644
index 00000000000..ed72209183d
--- /dev/null
+++ b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/index.tsx
@@ -0,0 +1,88 @@
+import { useClerk, useSession, useUser } from '@clerk/shared/react';
+import { useEffect, useMemo } from 'react';
+
+import { useWizard, Wizard } from '@/common';
+import { useSessionTasksContext, useTaskSetupMFAContext } from '@/contexts/components/SessionTasks';
+import { Flow } from '@/customizables';
+import { useEnvironment, withCoreSessionSwitchGuard } from '@/ui/contexts';
+import { withCardStateProvider } from '@/ui/elements/contexts';
+import { getSecondFactorsAvailableToAdd } from '@/ui/utils/mfa';
+
+import { withTaskGuard } from '../shared';
+import { SetupMfaStartScreen } from './SetupMfaStartScreen';
+import { SmsCodeFlow } from './SmsCodeFlowScreen';
+import { TOTPCodeFlow } from './TOTPCodeFlowScreen';
+
+const TaskSetupMFAInternal = () => {
+  const clerk = useClerk();
+  const { user } = useUser();
+  const { session } = useSession();
+  const {
+    userSettings: { attributes },
+  } = useEnvironment();
+  const ctx = useSessionTasksContext();
+
+  const secondFactorsAvailableToAdd = useMemo(
+    () => (user ? getSecondFactorsAvailableToAdd(attributes, user) : []),
+    [attributes, user],
+  );
+
+  const wizard = useWizard({ defaultStep: 0 });
+  const { redirectUrlComplete } = useTaskSetupMFAContext();
+  const { navigateOnSetActive } = useSessionTasksContext();
+
+  const handleSuccess = () => {
+    void clerk.setActive({
+      session: session?.id,
+      navigate: async ({ session }) => {
+        await navigateOnSetActive?.({ session, redirectUrlComplete });
+
+        if (ctx.shouldAutoNavigateAway) {
+          ctx.shouldAutoNavigateAway.current = true;
+        }
+      },
+    });
+  };
+
+  // Making sure we don't auto navigate away from the setup MFA task even if the current task is not `setup-mfa`.
+  // This is to prevent the user from being redirected to the home page after setting up MFA
+  // as if backup codes are enabled, the user will be redirected without seeing the backup codes
+  useEffect(() => {
+    const currentTask = session?.currentTask;
+    if (currentTask && currentTask.key === 'setup-mfa' && ctx.shouldAutoNavigateAway) {
+      ctx.shouldAutoNavigateAway.current = false;
+    }
+  }, [session?.currentTask, ctx.shouldAutoNavigateAway]);
+
+  return (
+    <Flow.Root flow='taskSetupMfa'>
+      <Wizard
+        {...wizard.props}
+        animate={false}
+      >
+        <Flow.Part part='methodSelectionMFA'>
+          <SetupMfaStartScreen
+            availableMethods={secondFactorsAvailableToAdd}
+            goToStep={wizard.goToStep}
+          />
+        </Flow.Part>
+        <Flow.Part part='phoneCode2Fa'>
+          <SmsCodeFlow
+            onSuccess={handleSuccess}
+            goToStartStep={() => wizard.goToStep(0)}
+          />
+        </Flow.Part>
+        <Flow.Part part='totp2Fa'>
+          <TOTPCodeFlow
+            onSuccess={handleSuccess}
+            goToStartStep={() => wizard.goToStep(0)}
+          />
+        </Flow.Part>
+      </Wizard>
+    </Flow.Root>
+  );
+};
+
+export const TaskSetupMFA = withCoreSessionSwitchGuard(
+  withTaskGuard(withCardStateProvider(TaskSetupMFAInternal), 'setup-mfa'),
+);
diff --git a/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/shared.tsx b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/shared.tsx
new file mode 100644
index 00000000000..dfe5f6ccdac
--- /dev/null
+++ b/packages/ui/src/components/SessionTasks/tasks/TaskSetupMfa/shared.tsx
@@ -0,0 +1,56 @@
+import { useClerk, useSession, useUser } from '@clerk/shared/react/index';
+import type { UserResource } from '@clerk/shared/types';
+import React from 'react';
+
+import { useSignOutContext } from '@/contexts';
+import { Card } from '@/elements/Card';
+import { useMultipleSessions } from '@/hooks/useMultipleSessions';
+import { localizationKeys } from '@/localization';
+import { stringToFormattedPhoneString } from '@/utils/phoneUtils';
+
+export const commonIdentifier = (user: UserResource) => {
+  const formattedPhoneNumber = user.primaryPhoneNumber?.phoneNumber
+    ? stringToFormattedPhoneString(user.primaryPhoneNumber?.phoneNumber)
+    : null;
+  return user.primaryEmailAddress?.emailAddress ?? user.username ?? formattedPhoneNumber;
+};
+
+export function SharedFooterActionForSignOut() {
+  const { user } = useUser();
+  const clerk = useClerk();
+  const { session } = useSession();
+  const { otherSessions } = useMultipleSessions({ user });
+  const { navigateAfterSignOut, navigateAfterMultiSessionSingleSignOutUrl } = useSignOutContext();
+
+  const handleSignOut = () => {
+    if (otherSessions.length === 0) {
+      return clerk.signOut(navigateAfterSignOut);
+    }
+    return clerk.signOut(navigateAfterMultiSessionSingleSignOutUrl, { sessionId: session?.id });
+  };
+
+  const identifier = React.useMemo(() => (user ? commonIdentifier(user) : null), [user]);
+
+  return (
+    <Card.Action
+      elementId='signOut'
+      gap={4}
+      justify='center'
+      sx={() => ({ width: '100%' })}
+    >
+      {identifier && (
+        <Card.ActionText
+          truncate
+          localizationKey={localizationKeys('taskSetupMfa.signOut.actionText', {
+            identifier,
+          })}
+        />
+      )}
+      <Card.ActionLink
+        sx={() => ({ flexShrink: 0 })}
+        onClick={() => void handleSignOut()}
+        localizationKey={localizationKeys('taskSetupMfa.signOut.actionLink')}
+      />
+    </Card.Action>
+  );
+}
diff --git a/packages/ui/src/components/UserProfile/MfaBackupCodeList.tsx b/packages/ui/src/components/UserProfile/MfaBackupCodeList.tsx
index 898ee2bade5..a0667b915f1 100644
--- a/packages/ui/src/components/UserProfile/MfaBackupCodeList.tsx
+++ b/packages/ui/src/components/UserProfile/MfaBackupCodeList.tsx
@@ -44,17 +44,6 @@ export const MfaBackupCodeList = (props: MfaBackupCodeListProps) => {
 
   return (
     <>
-      <Col gap={1}>
-        <Text
-          localizationKey={localizationKeys('userProfile.backupCodePage.title__codelist')}
-          variant='subtitle'
-        />
-        <Text
-          localizationKey={subtitle}
-          variant='caption'
-          colorScheme='secondary'
-        />
-      </Col>
       <Box
         sx={t => ({
           borderWidth: t.borderWidths.$normal,
@@ -63,11 +52,38 @@ export const MfaBackupCodeList = (props: MfaBackupCodeListProps) => {
           borderRadius: t.radii.$lg,
         })}
       >
+        <Col
+          gap={1}
+          sx={t => ({
+            padding: t.space.$4,
+          })}
+        >
+          <Text
+            localizationKey={localizationKeys('userProfile.backupCodePage.title__codelist')}
+            variant='subtitle'
+            sx={t => ({
+              textAlign: 'start',
+            })}
+          />
+          <Text
+            localizationKey={subtitle}
+            variant='body'
+            sx={t => ({
+              textAlign: 'start',
+            })}
+            colorScheme='secondary'
+          />
+        </Col>
         <Grid
           gap={2}
           sx={t => ({
             gridTemplateColumns: `repeat(2, minmax(${t.sizes.$12}, 1fr))`,
-            padding: `${t.space.$4} ${t.space.$6}`,
+            paddingBlock: t.space.$2,
+            backgroundColor: t.colors.$neutralAlpha50,
+            color: t.colors.$colorMutedForeground,
+            borderTopWidth: t.borderWidths.$normal,
+            borderTopStyle: t.borderStyles.$solid,
+            borderTopColor: t.colors.$borderAlpha100,
           })}
         >
           {backupCodes.map((code, i) => (
@@ -100,7 +116,7 @@ export const MfaBackupCodeList = (props: MfaBackupCodeListProps) => {
         >
           <Button
             variant='ghost'
-            sx={t => ({ width: '100%', padding: `${t.space.$2} 0`, borderRadius: 0 })}
+            sx={t => ({ width: '100%', padding: `${t.space.$0x25} 0`, borderRadius: 0 })}
             onClick={onDownloadTxtFile}
           >
             <Icon icon={Download} />
diff --git a/packages/ui/src/components/UserProfile/MfaForm.tsx b/packages/ui/src/components/UserProfile/MfaForm.tsx
index 3e917f9acb4..d6cd9723f5a 100644
--- a/packages/ui/src/components/UserProfile/MfaForm.tsx
+++ b/packages/ui/src/components/UserProfile/MfaForm.tsx
@@ -5,13 +5,13 @@ import React from 'react';
 import { useCardState, withCardStateProvider } from '@/ui/elements/contexts';
 import type { FormProps } from '@/ui/elements/FormContainer';
 import { FormContainer } from '@/ui/elements/FormContainer';
+import { getSecondFactorsAvailableToAdd } from '@/ui/utils/mfa';
 
 import { useEnvironment } from '../../contexts';
 import { localizationKeys } from '../../customizables';
 import { MfaBackupCodeScreen } from './MfaBackupCodeScreen';
 import { MfaPhoneCodeScreen } from './MfaPhoneCodeScreen';
 import { MfaTOTPScreen } from './MfaTOTPScreen';
-import { getSecondFactorsAvailableToAdd } from './utils';
 
 type MfaFormProps = FormProps & {
   selectedStrategy?: VerificationStrategy;
diff --git a/packages/ui/src/components/UserProfile/MfaSection.tsx b/packages/ui/src/components/UserProfile/MfaSection.tsx
index d1a7d9e787d..185cf8f88f2 100644
--- a/packages/ui/src/components/UserProfile/MfaSection.tsx
+++ b/packages/ui/src/components/UserProfile/MfaSection.tsx
@@ -8,6 +8,7 @@ import type { ProfileSectionActionMenuItemProps } from '@/ui/elements/Section';
 import { ProfileSection } from '@/ui/elements/Section';
 import { ThreeDotsMenu } from '@/ui/elements/ThreeDotsMenu';
 import { handleError } from '@/ui/utils/errorHandler';
+import { defaultFirst, getSecondFactors, getSecondFactorsAvailableToAdd } from '@/ui/utils/mfa';
 
 import { useEnvironment } from '../../contexts';
 import { Badge, Flex, Icon, localizationKeys, Text } from '../../customizables';
@@ -16,7 +17,6 @@ import { useActionContext } from '../../elements/Action/ActionRoot';
 import { AuthApp, DotCircle, Mobile } from '../../icons';
 import type { PropsOfComponent } from '../../styledSystem';
 import { MfaBackupCodeCreateScreen, MfaScreen, RemoveMfaPhoneCodeScreen, RemoveMfaTOTPScreen } from './MfaScreens';
-import { defaultFirst, getSecondFactors, getSecondFactorsAvailableToAdd } from './utils';
 
 export const MfaSection = () => {
   const {
diff --git a/packages/ui/src/components/UserProfile/SecurityPage.tsx b/packages/ui/src/components/UserProfile/SecurityPage.tsx
index 1a948590991..172cfac0e10 100644
--- a/packages/ui/src/components/UserProfile/SecurityPage.tsx
+++ b/packages/ui/src/components/UserProfile/SecurityPage.tsx
@@ -3,6 +3,7 @@ import { useUser } from '@clerk/shared/react';
 import { Card } from '@/ui/elements/Card';
 import { useCardState, withCardStateProvider } from '@/ui/elements/contexts';
 import { Header } from '@/ui/elements/Header';
+import { getSecondFactors } from '@/ui/utils/mfa';
 
 import { useEnvironment, useUserProfileContext } from '../../contexts';
 import { Col, descriptors, localizationKeys } from '../../customizables';
@@ -11,7 +12,6 @@ import { DeleteSection } from './DeleteSection';
 import { MfaSection } from './MfaSection';
 import { PasskeySection } from './PasskeySection';
 import { PasswordSection } from './PasswordSection';
-import { getSecondFactors } from './utils';
 
 export const SecurityPage = withCardStateProvider(() => {
   const { attributes, instanceIsPasswordBased } = useEnvironment().userSettings;
diff --git a/packages/ui/src/components/UserProfile/utils.ts b/packages/ui/src/components/UserProfile/utils.ts
index e10993d2ba2..b1565b08ed9 100644
--- a/packages/ui/src/components/UserProfile/utils.ts
+++ b/packages/ui/src/components/UserProfile/utils.ts
@@ -1,10 +1,4 @@
-import type {
-  Attributes,
-  EmailAddressResource,
-  PhoneNumberResource,
-  UserResource,
-  Web3WalletResource,
-} from '@clerk/shared/types';
+import type { EmailAddressResource, PhoneNumberResource, Web3WalletResource } from '@clerk/shared/types';
 
 type IDable = { id: string };
 
@@ -14,36 +8,6 @@ export const primaryIdentificationFirst = (primaryId: string | null) => (val1: I
 
 export const currentSessionFirst = (id: string) => (a: IDable) => (a.id === id ? -1 : 1);
 
-export const defaultFirst = (a: PhoneNumberResource) => (a.defaultSecondFactor ? -1 : 1);
-
-export function getSecondFactors(attributes: Partial<Attributes>): string[] {
-  const secondFactors: string[] = [];
-
-  Object.entries(attributes).forEach(([, attr]) => {
-    if (attr.used_for_second_factor) {
-      secondFactors.push(...attr.second_factors);
-    }
-  });
-
-  return secondFactors;
-}
-
-export function getSecondFactorsAvailableToAdd(attributes: Partial<Attributes>, user: UserResource): string[] {
-  let sfs = getSecondFactors(attributes);
-
-  // If user.totp_enabled, skip totp from the list of choices
-  if (user.totpEnabled) {
-    sfs = sfs.filter(f => f !== 'totp');
-  }
-
-  // Remove backup codes if already enabled or user doesn't have another MFA method added
-  if (user.backupCodeEnabled || !user.twoFactorEnabled) {
-    sfs = sfs.filter(f => f !== 'backup_code');
-  }
-
-  return sfs;
-}
-
 export function sortIdentificationBasedOnVerification<
   T extends Array<EmailAddressResource | PhoneNumberResource | Web3WalletResource>,
 >(array: T | null | undefined, primaryId: string | null | undefined): T {
diff --git a/packages/ui/src/contexts/ClerkUIComponentsContext.tsx b/packages/ui/src/contexts/ClerkUIComponentsContext.tsx
index a375cb29568..aa77989f5f8 100644
--- a/packages/ui/src/contexts/ClerkUIComponentsContext.tsx
+++ b/packages/ui/src/contexts/ClerkUIComponentsContext.tsx
@@ -4,6 +4,7 @@ import type {
   PricingTableProps,
   TaskChooseOrganizationProps,
   TaskResetPasswordProps,
+  TaskSetupMFAProps,
   UserButtonProps,
   WaitlistProps,
 } from '@clerk/shared/types';
@@ -32,6 +33,7 @@ import {
   SessionTasksContext,
   TaskChooseOrganizationContext,
   TaskResetPasswordContext,
+  TaskSetupMFAContext,
 } from './components/SessionTasks';
 
 export function ComponentContextProvider({
@@ -138,6 +140,14 @@ export function ComponentContextProvider({
           </SessionTasksContext.Provider>
         </TaskResetPasswordContext.Provider>
       );
+    case 'TaskSetupMFA':
+      return (
+        <TaskSetupMFAContext.Provider value={{ componentName: 'TaskSetupMFA', ...(props as TaskSetupMFAProps) }}>
+          <SessionTasksContext.Provider value={{ ...(props as TaskSetupMFAProps) }}>
+            {children}
+          </SessionTasksContext.Provider>
+        </TaskSetupMFAContext.Provider>
+      );
     default:
       throw new Error(`Unknown component context: ${componentName}`);
   }
diff --git a/packages/ui/src/contexts/components/SessionTasks.ts b/packages/ui/src/contexts/components/SessionTasks.ts
index 9fc69910fa2..2d47a7698f2 100644
--- a/packages/ui/src/contexts/components/SessionTasks.ts
+++ b/packages/ui/src/contexts/components/SessionTasks.ts
@@ -4,7 +4,7 @@ import { createContext, useContext } from 'react';
 
 import { useRouter } from '@/ui/router';
 
-import type { SessionTasksCtx, TaskChooseOrganizationCtx, TaskResetPasswordCtx } from '../../types';
+import type { SessionTasksCtx, TaskChooseOrganizationCtx, TaskResetPasswordCtx, TaskSetupMFACtx } from '../../types';
 
 export const SessionTasksContext = createContext<SessionTasksCtx | null>(null);
 
@@ -67,3 +67,15 @@ export const useTaskResetPasswordContext = (): TaskResetPasswordCtx => {
 
   return context;
 };
+
+export const TaskSetupMFAContext = createContext<TaskSetupMFACtx | null>(null);
+
+export const useTaskSetupMFAContext = (): TaskSetupMFACtx => {
+  const context = useContext(TaskSetupMFAContext);
+
+  if (context === null) {
+    throw new Error('Clerk: useTaskSetupMFAContext called outside of the mounted TaskSetupMFA component.');
+  }
+
+  return context;
+};
diff --git a/packages/ui/src/customizables/elementDescriptors.ts b/packages/ui/src/customizables/elementDescriptors.ts
index f7e8bfb1112..947c5836f93 100644
--- a/packages/ui/src/customizables/elementDescriptors.ts
+++ b/packages/ui/src/customizables/elementDescriptors.ts
@@ -219,6 +219,12 @@ export const APPEARANCE_KEYS = containsAllElementsConfigKeys([
   'taskChooseOrganizationCreateOrganizationActionButton',
   'taskChooseOrganizationPreviewButton',
 
+  'taskSetupMfaMethodSelectionItem',
+  'taskSetupMfaMethodSelectionItems',
+  'taskSetupMfaPhoneSelectionItems',
+  'taskSetupMfaPhoneSelectionItem',
+  'taskSetupMfaPhoneSelectionAddPhoneAction',
+
   'userAvatarBox',
   'userAvatarImage',
 
diff --git a/packages/ui/src/elements/FormContainer.tsx b/packages/ui/src/elements/FormContainer.tsx
index 060023910a8..bfb955d52c7 100644
--- a/packages/ui/src/elements/FormContainer.tsx
+++ b/packages/ui/src/elements/FormContainer.tsx
@@ -15,6 +15,7 @@ type PageProps = PropsOfComponent<typeof Col> & {
   headerTitleTextVariant?: PropsOfComponent<typeof Header.Title>['textVariant'];
   headerSubtitle?: LocalizationKey;
   headerSubtitleTextVariant?: PropsOfComponent<typeof Header.Subtitle>['variant'];
+  badgeText?: LocalizationKey;
 };
 
 export const FormContainer = (props: PageProps) => {
@@ -23,6 +24,7 @@ export const FormContainer = (props: PageProps) => {
     headerTitleTextVariant = 'h3',
     headerSubtitle,
     headerSubtitleTextVariant = 'body',
+    badgeText,
     children,
     sx,
     ...rest
@@ -32,12 +34,12 @@ export const FormContainer = (props: PageProps) => {
   return (
     <Col
       elementDescriptor={descriptors.formContainer}
-      gap={4}
+      gap={8}
       {...rest}
       sx={[sx]}
     >
       {(headerTitle || headerSubtitle) && (
-        <Header.Root>
+        <Header.Root badgeText={badgeText}>
           {headerTitle && (
             <Header.Title
               textVariant={headerTitleTextVariant}
diff --git a/packages/ui/src/elements/Header.tsx b/packages/ui/src/elements/Header.tsx
index 17aa0286bfd..130ab7cb1a3 100644
--- a/packages/ui/src/elements/Header.tsx
+++ b/packages/ui/src/elements/Header.tsx
@@ -1,6 +1,17 @@
 import React from 'react';
 
-import { Col, descriptors, Heading, Icon, Link, Text, useAppearance } from '../customizables';
+import {
+  Badge,
+  Col,
+  descriptors,
+  Flex,
+  Heading,
+  Icon,
+  Link,
+  Text,
+  useAppearance,
+  type LocalizationKey,
+} from '../customizables';
 import { ArrowLeftIcon } from '../icons';
 import type { PropsOfComponent, ThemableCssProp } from '../styledSystem';
 import { ApplicationLogo } from './ApplicationLogo';
@@ -10,11 +21,12 @@ export type HeaderProps = PropsOfComponent<typeof Col> & {
   showLogo?: boolean;
   showDivider?: boolean;
   contentSx?: ThemableCssProp;
+  badgeText?: LocalizationKey;
 };
 
 const Root = React.memo(
   React.forwardRef<HTMLDivElement, HeaderProps>((props, ref) => {
-    const { sx, children, contentSx, gap = 6, showLogo = false, showDivider = false, ...rest } = props;
+    const { sx, children, contentSx, gap = 4, showLogo = false, showDivider = false, badgeText, ...rest } = props;
     const appearance = useAppearance();
 
     const logoIsVisible = appearance.parsedOptions.logoPlacement === 'inside' && showLogo;
@@ -30,6 +42,11 @@ const Root = React.memo(
       >
         {logoIsVisible && <ApplicationLogo />}
         {verticalDividerIsVisible && <VerticalDivider />}
+        {badgeText && (
+          <Flex justify='center'>
+            <Badge localizationKey={badgeText} />
+          </Flex>
+        )}
         <Col
           gap={1}
           sx={contentSx}
diff --git a/packages/ui/src/elements/SuccessPage.tsx b/packages/ui/src/elements/SuccessPage.tsx
index 46f3841db59..c5d5b5e9cef 100644
--- a/packages/ui/src/elements/SuccessPage.tsx
+++ b/packages/ui/src/elements/SuccessPage.tsx
@@ -11,14 +11,17 @@ import { Header } from './Header';
 
 type SuccessPageProps = Omit<PropsOfComponent<typeof Flex>, 'headerTitle' | 'title'> & {
   title?: LocalizationKey;
+  subtitle?: LocalizationKey;
   text?: LocalizationKey | LocalizationKey[];
   finishLabel?: LocalizationKey;
   contents?: React.ReactNode;
+  headerBadgeText?: LocalizationKey;
   onFinish?: () => void;
+  finishButtonProps?: PropsOfComponent<typeof Button>;
 };
 
 export const SuccessPage = (props: SuccessPageProps) => {
-  const { text, title, finishLabel, onFinish, contents, ...rest } = props;
+  const { text, title, subtitle, finishLabel, onFinish, contents, finishButtonProps, headerBadgeText, ...rest } = props;
   const { navigateToFlowStart } = useNavigateToFlowStart();
 
   return (
@@ -26,11 +29,14 @@ export const SuccessPage = (props: SuccessPageProps) => {
       {...rest}
       gap={4}
     >
-      <Header.Root>
-        <Header.Title
-          localizationKey={title}
-          textVariant='subtitle'
-        />
+      <Header.Root badgeText={headerBadgeText}>
+        {title && (
+          <Header.Title
+            localizationKey={title}
+            textVariant={subtitle ? undefined : 'subtitle'}
+          />
+        )}
+        {subtitle && <Header.Subtitle localizationKey={subtitle} />}
       </Header.Root>
       <Col gap={4}>
         {Array.isArray(text) ? (
@@ -62,6 +68,7 @@ export const SuccessPage = (props: SuccessPageProps) => {
           localizationKey={finishLabel || localizationKeys('userProfile.formButtonPrimary__finish')}
           elementDescriptor={descriptors.formButtonPrimary}
           onClick={onFinish || navigateToFlowStart}
+          {...finishButtonProps}
         />
       </FormButtonContainer>
     </Col>
diff --git a/packages/ui/src/elements/VerificationCodeCard.tsx b/packages/ui/src/elements/VerificationCodeCard.tsx
index 3163ba73f2e..9052d5f7a9e 100644
--- a/packages/ui/src/elements/VerificationCodeCard.tsx
+++ b/packages/ui/src/elements/VerificationCodeCard.tsx
@@ -15,10 +15,12 @@ export type VerificationCodeCardProps = {
   cardSubtitle: LocalizationKey;
   cardNotice?: LocalizationKey;
   inputLabel?: LocalizationKey;
+  backLinkLabel?: LocalizationKey;
   safeIdentifier?: string | undefined | null;
   resendButton?: LocalizationKey;
   alternativeMethodsLabel?: LocalizationKey;
   profileImageUrl?: string;
+  badgeText?: LocalizationKey;
   onCodeEntryFinishedAction: (
     code: string,
     resolve: () => Promise<void>,
@@ -32,6 +34,18 @@ export type VerificationCodeCardProps = {
 };
 
 export const VerificationCodeCard = (props: PropsWithChildren<VerificationCodeCardProps>) => {
+  return (
+    <Card.Root>
+      <Card.Content>
+        <VerificationCodeContent {...props} />
+      </Card.Content>
+
+      <Card.Footer />
+    </Card.Root>
+  );
+};
+
+export const VerificationCodeContent = (props: PropsWithChildren<VerificationCodeCardProps>) => {
   const { showAlternativeMethods = true, cardNotice, children } = props;
   const card = useCardState();
 
@@ -41,65 +55,69 @@ export const VerificationCodeCard = (props: PropsWithChildren<VerificationCodeCa
     },
     onResendCodeClicked: props.onResendCodeClicked,
   });
-
   return (
-    <Card.Root>
-      <Card.Content>
-        <Header.Root>
-          <Header.Title localizationKey={props.cardTitle} />
-          <Header.Subtitle localizationKey={props.cardSubtitle} />
-          <IdentityPreview
-            identifier={props.safeIdentifier}
-            avatarUrl={props.profileImageUrl}
-            onClick={!props.onBackLinkClicked ? props.onIdentityPreviewEditClicked : undefined}
-          />
-        </Header.Root>
-        <Card.Alert>{card.error}</Card.Alert>
-        {children}
-        <Col
-          elementDescriptor={descriptors.main}
-          gap={8}
-        >
-          <Form.OTPInput
-            {...otp}
-            label={props.inputLabel}
-            resendButton={props.resendButton}
-          />
+    <>
+      <Header.Root badgeText={props.badgeText}>
+        <Header.Title localizationKey={props.cardTitle} />
+        <Header.Subtitle localizationKey={props.cardSubtitle} />
+        <IdentityPreview
+          identifier={props.safeIdentifier}
+          avatarUrl={props.profileImageUrl}
+          onClick={props.onIdentityPreviewEditClicked ? props.onIdentityPreviewEditClicked : undefined}
+        />
+      </Header.Root>
+      <Card.Alert>{card.error}</Card.Alert>
+      {children}
+      <Col
+        elementDescriptor={descriptors.main}
+        gap={8}
+      >
+        <Form.OTPInput
+          {...otp}
+          label={props.inputLabel}
+          resendButton={props.resendButton}
+        />
 
-          {cardNotice && (
-            <Alert colorScheme='warning'>
-              <Text
-                colorScheme='warning'
-                localizationKey={cardNotice}
-                variant='caption'
-              />
-            </Alert>
-          )}
+        {cardNotice && (
+          <Alert colorScheme='warning'>
+            <Text
+              colorScheme='warning'
+              localizationKey={cardNotice}
+              variant='caption'
+            />
+          </Alert>
+        )}
 
-          <Col gap={3}>
+        <Col gap={3}>
+          <Button
+            elementDescriptor={descriptors.formButtonPrimary}
+            block
+            hasArrow
+            isLoading={otp.isLoading}
+            localizationKey={localizationKeys('formButtonPrimary')}
+            onClick={otp.onFakeContinue}
+          />
+          {props.onBackLinkClicked && (
             <Button
-              elementDescriptor={descriptors.formButtonPrimary}
+              elementDescriptor={descriptors.formButtonReset}
               block
-              hasArrow
-              isLoading={otp.isLoading}
-              localizationKey={localizationKeys('formButtonPrimary')}
-              onClick={otp.onFakeContinue}
+              variant='ghost'
+              localizationKey={props.backLinkLabel}
+              onClick={props.onBackLinkClicked}
             />
-            {showAlternativeMethods && props.onShowAlternativeMethodsClicked && (
-              <Card.Action elementId='alternativeMethods'>
-                <Card.ActionLink
-                  localizationKey={
-                    props.alternativeMethodsLabel ?? localizationKeys('footerActionLink__useAnotherMethod')
-                  }
-                  onClick={props.onShowAlternativeMethodsClicked}
-                />
-              </Card.Action>
-            )}
-          </Col>
+          )}
+          {showAlternativeMethods && props.onShowAlternativeMethodsClicked && (
+            <Card.Action elementId='alternativeMethods'>
+              <Card.ActionLink
+                localizationKey={
+                  props.alternativeMethodsLabel ?? localizationKeys('footerActionLink__useAnotherMethod')
+                }
+                onClick={props.onShowAlternativeMethodsClicked}
+              />
+            </Card.Action>
+          )}
         </Col>
-      </Card.Content>
-
-      <Card.Footer />
-    </Card.Root>
+      </Col>
+    </>
   );
 };
diff --git a/packages/ui/src/elements/contexts/index.tsx b/packages/ui/src/elements/contexts/index.tsx
index 20b00556ff5..cecccfe3d88 100644
--- a/packages/ui/src/elements/contexts/index.tsx
+++ b/packages/ui/src/elements/contexts/index.tsx
@@ -103,7 +103,8 @@ export type FlowMetadata = {
     | 'tasks'
     | 'taskChooseOrganization'
     | 'enableOrganizations'
-    | 'taskResetPassword';
+    | 'taskResetPassword'
+    | 'taskSetupMfa';
   part?:
     | 'start'
     | 'emailCode'
@@ -130,7 +131,8 @@ export type FlowMetadata = {
     | 'chooseOrganization'
     | 'chooseWallet'
     | 'enterpriseConnections'
-    | 'organizationCreationDisabled';
+    | 'organizationCreationDisabled'
+    | 'methodSelectionMFA';
 };
 
 const [FlowMetadataCtx, useFlowMetadata] = createContextAndHook<FlowMetadata>('FlowMetadata');
diff --git a/packages/ui/src/internal/appearance.ts b/packages/ui/src/internal/appearance.ts
index 03089f33bf7..afa84fe85d1 100644
--- a/packages/ui/src/internal/appearance.ts
+++ b/packages/ui/src/internal/appearance.ts
@@ -359,6 +359,12 @@ export type ElementsConfig = {
   taskChooseOrganizationCreateOrganizationActionButton: WithOptions;
   taskChooseOrganizationPreviewButton: WithOptions;
 
+  taskSetupMfaMethodSelectionItem: WithOptions;
+  taskSetupMfaMethodSelectionItems: WithOptions;
+  taskSetupMfaPhoneSelectionItems: WithOptions;
+  taskSetupMfaPhoneSelectionItem: WithOptions;
+  taskSetupMfaPhoneSelectionAddPhoneAction: WithOptions;
+
   userAvatarBox: WithOptions;
   userAvatarImage: WithOptions;
 
diff --git a/packages/ui/src/types.ts b/packages/ui/src/types.ts
index 0156899b081..1bb572475af 100644
--- a/packages/ui/src/types.ts
+++ b/packages/ui/src/types.ts
@@ -20,11 +20,13 @@ import type {
   SignUpProps,
   TaskChooseOrganizationProps,
   TaskResetPasswordProps,
+  TaskSetupMFAProps,
   UserAvatarProps,
   UserButtonProps,
   UserProfileProps,
   WaitlistProps,
 } from '@clerk/shared/types';
+import type { MutableRefObject, Ref } from 'react';
 
 import type { WithInternalRouting } from './internal';
 
@@ -62,7 +64,8 @@ export type AvailableComponentProps =
   | __internal_PlanDetailsProps
   | APIKeysProps
   | TaskChooseOrganizationProps
-  | TaskResetPasswordProps;
+  | TaskResetPasswordProps
+  | TaskSetupMFAProps;
 
 type ComponentMode = 'modal' | 'mounted';
 type SignInMode = 'modal' | 'redirect';
@@ -146,6 +149,7 @@ export type CheckoutCtx = __internal_CheckoutProps & {
 
 export type SessionTasksCtx = {
   redirectUrlComplete: string;
+  shouldAutoNavigateAway?: MutableRefObject<boolean>;
 };
 
 export type TaskChooseOrganizationCtx = TaskChooseOrganizationProps & {
@@ -156,6 +160,10 @@ export type TaskResetPasswordCtx = TaskResetPasswordProps & {
   componentName: 'TaskResetPassword';
 };
 
+export type TaskSetupMFACtx = TaskSetupMFAProps & {
+  componentName: 'TaskSetupMFA';
+};
+
 export type OAuthConsentCtx = __internal_OAuthConsentProps & {
   componentName: 'OAuthConsent';
 };
@@ -188,5 +196,6 @@ export type AvailableComponentCtx =
   | SubscriptionDetailsCtx
   | PlanDetailsCtx
   | TaskChooseOrganizationCtx
-  | TaskResetPasswordCtx;
+  | TaskResetPasswordCtx
+  | TaskSetupMFACtx;
 export type AvailableComponentName = AvailableComponentCtx['componentName'];
diff --git a/packages/ui/src/utils/mfa.ts b/packages/ui/src/utils/mfa.ts
new file mode 100644
index 00000000000..16260d86661
--- /dev/null
+++ b/packages/ui/src/utils/mfa.ts
@@ -0,0 +1,32 @@
+import type { Attributes, PhoneNumberResource, UserResource, VerificationStrategy } from '@clerk/shared/types';
+
+export const defaultFirst = (a: PhoneNumberResource) => (a.defaultSecondFactor ? -1 : 1);
+
+export function getSecondFactors(attributes: Partial<Attributes>): VerificationStrategy[] {
+  const secondFactors: VerificationStrategy[] = [];
+
+  Object.entries(attributes).forEach(([, attr]) => {
+    if (attr.used_for_second_factor) {
+      secondFactors.push(...attr.second_factors);
+    }
+  });
+
+  return secondFactors;
+}
+
+export function getSecondFactorsAvailableToAdd(
+  attributes: Partial<Attributes>,
+  user: UserResource,
+): VerificationStrategy[] {
+  let sfs = getSecondFactors(attributes);
+
+  if (user.totpEnabled) {
+    sfs = sfs.filter(f => f !== 'totp');
+  }
+
+  if (user.backupCodeEnabled || !user.twoFactorEnabled) {
+    sfs = sfs.filter(f => f !== 'backup_code');
+  }
+
+  return sfs;
+}
diff --git a/packages/ui/vitest.config.mts b/packages/ui/vitest.config.mts
index 97c41c351ac..a01e00d9b00 100644
--- a/packages/ui/vitest.config.mts
+++ b/packages/ui/vitest.config.mts
@@ -63,6 +63,7 @@ export default defineConfig({
       { find: '@/utils/formatSafeIdentifier', replacement: `${uiPath}/utils/formatSafeIdentifier` },
       { find: '@/utils/intl', replacement: `${uiPath}/utils/intl` },
       { find: '@/utils/normalizeRoutingOptions', replacement: `${uiPath}/utils/normalizeRoutingOptions` },
+      { find: '@/utils/phoneUtils', replacement: `${uiPath}/utils/phoneUtils` },
       // Utils from clerk-js (needed by clerk-js core modules)
       { find: '@/utils', replacement: `${clerkJsPath}/utils` },
       // Catch-all for other @/ imports - UI package