One of the best ways you can protect access to your accounts is through multi-factor authentication (MFA). Multi-factor authentication can also be referred to as two-factor authentication (2FA). MFA is a layered approach to securing data and applications and enabling it ensures that the only person who has access to your information and applications is you.

MFA requires a user to present a combination of two or more credentials to verify a user’s identity for login. The four most common factors used in MFA are knowledge (something you know), possession (something you have), inherence (something you are), and location (where you are).

MFA Is Confusing

MFA can seem complex but you already use it in a variety of ways of which you may not be aware:

• Your debit card and your PIN number (something you have and something you know)
• Your cell phone and your face ID (something you have and something you are)
• The door to your home and your house key (something you have and where you are)
• The entrance to your work and your badge (something you have and where you are)

You can and should set up MFA on as many accounts as possible. It is becoming more and more common for companies to offer MFA to their account holders and if your accounts don’t offer it, now is a good time to ask when it will be available. You should enable MFA for accounts like online banking, email, social media, and any other service that requires you to log in.

Isn’t MFA going to make logging in a headache?

Some people don’t enable MFA because they believe it’s going to be a hassle to log in to their accounts with it enabled. In reality, enabling MFA is usually very easy and barely adds any time to the login process.

Some examples of logging in to accounts that are set up with MFA are:

• Receiving a text message code that you input after your password before you can access online banking (something you know in your password and something you have in your phone)
• Entering the security code on the back of a credit card before making a purchase online (something you know in the card number and something you have in the actual card with the code on the back)
• Using a secondary authentication application such as Google Authenticator or Duo to receive a one-time passcode that is entered after your password to access your account (something you know in your password and something you have in the application)

By implementing MFA, the chances of an adversary compromising an account is lowered since the username and password alone will not allow access to a targeted account. If MFA is an option on your accounts, we recommend that you enable it. The value from the time spent setting MFA up and verifying your identity when you log in to your accounts far outweighs the time you would spend recovering lost data, on the phone with your financial institution disputing charges, or reporting a stolen identity if your accounts were hacked.