Visit page
Press "Enter" to skip to content

What is your password?

Is your password 123456? Odds are it is. According to the Cybersecurity & Infrastructure Security Agency, it is the most common password in the country. Of course, you have heard by now that you should be using “strong” passwords – ones that include upper- and lowercase letters, numbers, and special characters. Passwords that consist of a passphrase are even better. You can even use a password manager if you need help creating ones that are unique and remembering them all.

But if you want to level up your password game, you might want to consider using Multifactor Authentication (MFA), also called Two-Factor Authentication or 2FA. MFA puts an additional roadblock between hackers and your private information. Even if your password is compromised, hackers won’t be able to access your accounts without a second form of authentication or verification. It’s like putting a deadbolt on your front door.

What is MFA?

MFA consists of at least two of the following:

  • Something you know (such as your password or PIN)
  • Something you have (such as a confirmation text or email – often with a code)
  • Something you are (such as a fingerprint, facial recognition, eye scan, or voice recognition)

The most common form of MFA is entering your password and then receiving a code via text message or email. Then you would enter the code into a field when prompted.

Why should I use MFA?

Even with a strong password, your accounts are still vulnerable. The average person can have over 80 online accounts, and many of us are likely to reuse the same password, even if it is considered a strong one. Once a cybercriminal gains access to one account, they can gain access to other accounts with the same password.

Using an MFA will make you 99 percent less likely to get hacked. MFAs are available for most online accounts, including email, financial, and social media platforms.

How do I enable MFA?

Look for the security settings in each of your online accounts. Some websites have a “security” tab along the top. For others, you may have to look for the gear icon or search for the security setting under “My account” once you have logged in (both usually in the upper right-hand corner). You can also do a search on the site. Here you’ll find information about how to set up or change your login options.

This website offers a directory of some of the most well-known companies sorted by category, such as banking, communication, entertainment, and retail. You can check if a particular company, such as Amazon, has MFA available, what the second step entails (i.e., text, phone call, or email), and you can click a link to be taken directly to the company’s website with instructions on how to enable it.

Learn more

Visit the Cybersecurity & Infrastructure Security Agency for more information on Cybersecurity Awareness Month and for tip sheets on multifactor authentication, phishingcreating passwords, and more.