Multi-factor authentication (MFA) strengthens account security by requiring two factors to verify your identity. These factors usually include something you know (like a username and password) plus something you own (like a smartphone).
MFA protects against phishing, social engineering, and password brute-force attacks and secures your logins from attackers exploiting weak or stolen credentials. With MFA, your password alone is no longer enough to access your account, dramatically improving account security.
For step-by-step guides on how to set up each multi-factor authentication method, please select one of the following options:
- Text Message or Phone Call
- Push Notification
- Code Generator
- NFC-Enabled Security Key
- FIDO Security Key
How it works
When you have set up MFA in your ID.me account, you begin the sign-in process with your email address and password, then you will also enter additional credentials--often, a verification code, which has been sent to a trusted device, sometimes via a trusted phone number.
For example, depending on how your account is set up, you may sign in to ID.me on your computer, then receive a verification code via text on your smartphone. Enter the code from your phone on your computer, and sign-in is complete.
Depending on your account set-up and the partner website you are working with, you may be asked to provide MFA credentials every time you sign in, or you may be permitted to 'trust' sign-ins that come from certain devices.
What is a trusted device?
A trusted device (like a smartphone or tablet) is a device that you have used before for MFA. Trusted devices are used to verify your identity by displaying a verification code.
What is a trusted phone number?
A trusted phone number can be used to receive verification codes either by text or phone call.
You must verify at least one trusted phone number to enroll in MFA. Consider verifying additional phone numbers (like a home phone, or a number used by a family member) to ensure you can access your account, even when you are away from your own trusted device.
What is a verification code?
A verification code is a temporary code sent to a trusted device via a text message or dedicated app, like ID.me Authenticator. (NOTE: A verification code is different from the passcode you may use to unlock your device.)
What is a push notification?
A push notification is a prompt that appears on your enrolled trusted device when you sign in. Tap and approve the push notification to complete the process.