What is MFA?
Multi-factor authentication (MFA) is used to ensure that digital users are who they say they are by requiring that they provide at least two pieces of evidence to prove their identity. Each piece of evidence must come from a different category: something they know (security questions), something they have (phone or email), or something they are (biometrics).
If one of the factors has been compromised by a hacker or unauthorized user, the chances of another factor also being compromised are low, so requiring multiple authentication factors provides a higher level of assurance about the user’s identity.
Why are we doing this?
- 99.9% of hacked accounts did not use MFA.
- 60% of users reuse passwords.
- 99% of password sprays attacks and 97% of password replay attacks were performed against legacy authentication.
- Gains in account security outweigh the extra steps of MFA prompts at sign in.
MFA Setup Instructions