Multifactor authentication (MFA) strengthens your ID.me account security by requiring two methods to verify your identity. These factors can include something you know, like a username and password, plus something you own, like a smartphone.
NOTE: MFA requirements vary between healthcare systems. Your healthcare system’s MFA process and options may differ from what is described in the ID.me FAQ.
How it works:
When you want to sign in to your account, you'll need to provide two pieces of information—your username and password and either enter in verification code or approve a push notification from your trusted device, such as an iPhone, Android, or other smartphone.
By entering the code or approving the push notification, you're verifying that you are both in possession of the device and accessing your account. For example, if you have an iPhone and are signing into your account, you'll be prompted to enter your password and approve the login event by entering the verification code that's automatically displayed on your iPhone.
A trusted device is a device that you've already used for multifactor authentication. Trusted devices like smartphones and tablets can be used to verify your identity.
Trusted phone numbers:
A trusted phone number is a number that can be used to receive verification codes by text or phone call. You must verify at least one trusted phone number to enroll in multifactor authentication.
A verification code is a numeric code sent to your trusted device or phone number. When this multifactor authentication method is used, when you login, a 6-digit numeric code will be sent to your enrolled phone. You’ll then enter that phone number into the login prompt to complete login. A verification code is different from the device passcode you enter to unlock your iPhone, iPad, or iPod touch.
A push notification is a prompt that appears on your enrolled trusted device when you login. You’ll tap and approve the push notification to complete login.