Help Articles

Enrolling in Multifactor Authentication (MFA)

M-RETS is improving our security for Users and Organizations by implementing Multi-Factor Authentication (MFA). This feature will be available to all users. Multi-factor authentication (MFA) works by combining “something you know” (i.e., your credentials) with “something you have” (i.e., a time-based one-time password retrieved via a trusted mobile device) to gain access to a system.

MFA will be an opt-in process for Organizations for the time being. Our implementation will support receiving the MFA key via SMS, authenticator app, email, or phone call. Our goal is to make it as flexible as possible. If you have any concerns or thoughts you would like to share as we complete this work, please contact systemadmin@mrets.org.

Multi-factor authentication has rapidly become a security best practice, and we want to encourage all organizations and users to consider opting into its use in the M-RETS. MFA protects against the risks associated with compromised passwords by adding a layer of security to system authentication. The reality is that employees do fall for phishing scams, and they do share passwords. If you’re not using multi-factor authentication (MFA), your organization is wide open to attacks. A vast, if not one of the biggest, security threat today is the risk of compromised credentials.

Authy App in App Store

Authy App in Play Store

How to Turn On Multifactor Authentication (MFA)

  1. Once logged in, click on your name in the upper corner. Then, click ‘Profile’.

  1. You will notice the new MFA field under your profile. Click on ‘Edit’. Then, click on ‘Update 2FA Settings’

  1. Now, you will choose an MFA setting. They are as follows:

  1. Enter your phone number and click save. If you have previously installed the Authy app on your phone, you will see M-RETS automatically added you your account.

  1. Scroll to the bottom of your User Profile and click ‘Save’. You will be automatically logged out and will be asked for a code on your next login.