Multi-factor authentication (MFA) strengthens account security by requiring two factors to confirm your identity when you sign in to your ID.me account. These factors usually include:
- Something you know - A username and password, for example, plus
- Something you own - Like a phone number, smartphone, tablet, mobile app, or NFC-enabled security key
MFA helps prevent phishing, social engineering, and password brute-force attacks. It also secures your logins from attackers exploiting weak or stolen passwords. With MFA, you need more than your password to access your account, which dramatically improves your account’s security. This article explains the basics of MFA and how to begin the setup process.
MFA key terms
Here are a few terms you’ll want to know that relate to multi-factor authentication:
- Recovery code - A 12-character code you can view and save the first time you set up MFA. Use this code to sign in if you change phones or lose access to your MFA device.
- Verification code - A temporary, 6-digit code sent to a trusted device via text message or to a dedicated app, like the ID.me Authenticator app.
- Trusted device - A smartphone or tablet that you previously used to set up MFA. If this is your first time creating an ID.me account, the device you use to set up MFA is your first trusted device. You can have more than one trusted device, and will need at least one to use verification codes with your chosen MFA method.
- Trusted phone number - Used to receive verification codes by text or phone call or to download the ID.me Authenticator app. You must verify at least one trusted phone to enroll in MFA. Consider verifying additional phone numbers, like a home phone, to ensure you can access your account, even when away from your own trusted device.
- Backup code - An alternate MFA method available with specific partners. You’ll receive a set of twelve, 12-character codes.
How MFA works
When you create a new ID.me account, you may be asked to set up multi-factor authentication to help secure your account. After you set up MFA for your ID.me account, to sign in, you will:
- Enter your email address and password, or sign in using your third party or social media account.
- Confirm your sign-in using the MFA method you chose.
For example, when you use the text message MFA method, you will sign in to your ID.me account using your email address and password. Next, we’ll text you a one-time code that you’ll enter. After you enter the code, you are signed in to your account.
Choose an MFA method
ID.me has several options you can set up for multi-factor authentication. You can set up one MFA method or several.
Common MFA methods
These methods are quicker to set up and don’t require specialized hardware.
|MFA method||How it works||What you need|
|Device Unlock||You complete sign in using your computer, smartphone, or tablet.||A computer, smartphone, or tablet.|
|Push Notification||You receive a notification via your ID.me Authenticator app on your mobile device that you press to confirm.||A mobile device and the ID.me Authenticator app.|
|Code Generator||You enter a 6-digit verification code you’ll find in your ID.me Authenticator app.||A mobile device and the ID.me Authenticator app.|
|Text Message or Phone Call||You receive a text or phone call that has a verification code you’ll enter.||
A phone that accepts text messages or phone calls.
If you don’t have a mobile device, use the phone call option to receive a call to your landline phone.
Other MFA methods
These methods require specialized hardware, like a NFC-enabled security key or USB device.
|MFA method||How it works||What you need|
|NFC-Enabled Security Key||Touch a YubiKey(TM) to your mobile device.||Field Name|
|Security Key||Plug a USB device into your computer.||A computer and specialized USB device.|
Manage MFA methods
After you add an MFA method, you can sign in to your ID.me account to add, change, or delete MFA methods. We recommend you set up at least one MFA method, even if it’s not required. To manage your MFA methods:
- Sign in to your ID.me account.
- Select the Sign in & Security tab, then Security to find your MFA settings.
- Select Set Up to add a new MFA method or the trash can icon “🗑” to delete an existing MFA method.
If you have two MFA methods set up, for example, you can delete one of the methods. However, it’s not possible to delete every MFA method for your account.
If you have trouble setting up or managing your MFA method, or if you see an MFA-related error message, visit Troubleshooting multi-factor authentication.