MFA requires that a user prove their identity with two or more factors (methods) when logging into a system. Commonly, the two factors could be: 1) a username and password, and 2) a temporary SMS code.
Why do I need MFA?
It is no longer adequate to rely on a single factor for authentication (for example, username and password), for a multitude of reasons:
- Users commonly repeat passwords across multiple websites. If one of those websites has a data breach, attackers may be able to use those stolen credentials to gain access to other systems or services.
- Users do not always choose strong passwords, making it possible to outright guess them.
- Users may not store passwords in a secure manner. For example, storing a list of passwords in a Word document or on a Post-It under their keyboard.
Implementing MFA adds a second layer of security to back up that first factor.
How do I set up MFA?
Multi-factor authentication can take a variety of forms, such as:
- One-time email codes
- One-time text message (SMS) codes
- Time-based one-time password apps (e.g. Google Authenticator)
- Biometrics (e.g. Apple TouchID)
- Hardware devices (e.g. YubiKey)
At ComplyAuto Esquire, we partner with Duo to prevent MFA via SMS one-time codes.