Why does Prisidio use multi-factor authentication?
What is multi-factor authentication?
Multi-factor authentication (MFA) is a verification method that requires more than one type of user validation. It prevents bad actors from accessing your vault even if they've acquired your username and password.
How does multi-factor authentication work?
MFA works by requiring additional verification information (known as factors). Users can't log in using only usernames and passwords. They must provide further proof of identity, such as a code from an authentication app.
Why use multi-factor authentication?
MFA significantly reduces the likelihood of many types of cyber-attacks. It's common for third parties to steal usernames and passwords or programmatically attack user accounts. Adding MFA to the login process impedes these violations.
Is multi-factor authentication required or optional?
Prisidio requires the use of multi-factor authentication; this additional security is not optional. Note that this requirement is not only for you as the vault owner but also anyone you invite into your vault. While we acknowledge this adds an extra step when you log in to your Prisidio account, we do this because we highly value the trust you’ve placed in us by storing your vital personal data and documents with us. As such, we believe that this extra step – which significantly increases our ability to protect your data and documents – is well worth the extra step when logging in to your Prisidio Vault.
What are authentication apps?
Authentication apps are a type of MFA that generate security codes used for signing into applications that require higher levels of security to access. Authentication apps installed on your mobile device (something you have) combined with your username and password (something you know) greatly decrease the risk of someone gaining access to your Prisidio Vault.
Examples of authentication apps include Microsoft Authenticator, Google Authenticator, and Okta Verify. Additionally, Prisidio offers SMS OTP codes that will work in place of an authenticator app. Each time you wish to log in to the vault, you will receive a text message with a code that you can enter to gain access.