Multi-factor Authentication

What is multi factor authentication?

Multi-factor authentication (MFA), also known as two-step verification, is an additional layer of security for online accounts and sensitive data. MFA requires members to provide more than just a password to log in by prompting for a second form of validation when signing in to the member dashboard. This second form of validation may be a code sent to a member’s mobile phone or a dynamically created number from an app. MFA can help prevent unauthorized access to accounts even if a password is compromised. Even if one credential is compromised, the member will still need to meet the second authentication requirement to access the account.

Why is MFA Important?

The main benefit of MFA is it enhances the security of members’ personal information by requiring members to identify themselves by more than a username and password. While important, usernames and passwords are only the first line of protection. Enabling the use of MFA means increased confidence that your personal information is more secure with Kroll.

How Does MFA work?

MFA works by requiring additional verification information (factors). One of the most common MFA factors used are one-time passwords (OTP). OTPs are single use 4-8 digit codes received via text message or a mobile authentication app. With OTPs a new code is generated periodically or each time an authentication request is submitted.

What do I need to use MFA?

There are 2 options to set up MFA on the Kroll dashboard.

1. To setup an authentication app you will need a smart phone or tablet, wifi or data access, and an account on the app store associated with your device. You may select any authentication app of your choosing. Some options may include Microsoft Authenticator or Google Authenticator.
2. To setup text message authentication you will need a mobile phone eligible to receive text messages. Your mobile carrier may charge you for sending or receiving text messages, or for using data associated with those messages. Temporary or permanent loss in phone service for the phone number associated with MFA may impact your ability to receive authentication codes.