Your Guide to MFA

Welcome to Week 2 of Cybersecurity Awareness Month 2023. Catch up on Week 1 here. This week we’re talking about multifactor authentication (MFA) and how to enable it for your accounts.

MFA provides us with extra security by confirming our identities when logging in to our accounts. This confirmation looks like entering a code texted to a phone or one generated by an authenticator app, or using biometrics to confirm your identity. MFA increases security—it can make us significantly safer online. Even if our passwords become compromised, unauthorized users will be unable to meet the second step requirement and will not be able to access our accounts.

The steps for turning on MFA vary according to the product. Here, we’ll outline the steps for Apple ID, Google, and Microsoft.

Apple ID

If you’re not already using two-factor authentication for your Apple ID, you can turn it on right on your device. On your iPhone or iPad:
1. Go to Settings.
2. Tap your name.
3. Select “Password & Security”.
4. Select “Turn On Two-Factor Authentication”.
5. Select “Continue” and follow the onscreen instructions.
Visit the Apple Support page for more info.

Google

1. Open your Google Account.
2. In the navigation panel, select Security.
3. Under “Signing in to Google,” select 2-Step Verification Get started.
4. Follow the on-screen steps.
Visit the Google Support page for more info.

Microsoft

1. Go to the Security basics page and sign in with your Microsoft account.
2. Select More security options.
3. Under Two-step verification, choose Set up two-step verification to turn it on, or choose Turn off two-step verification to turn it off.
4. Follow the instructions.
Visit the Microsoft Support page for more info.

There you have it! Once you’ve set up MFA, when you log into your accounts, it may challenge you to complete the MFA step that proves your identity. It only takes a moment but makes you much safer from hackers!

Turn on MFA for every account or app that offers it. Enabling MFA will protect things like:
• Banking information
• Online purchases
• Social media
• Email
• Businesses
• Your identity

PRO TIP: Check to see whether your email accounts, banks, healthcare providers, and other important accounts offer MFA and enable it by default. If they don’t, ask them why not. It’s your information they’re putting at risk.

Download this tip sheet from CISA and supercharge your journey to enabling MFA! ⏬