Multifactor authentication (MFA) became mainstream in 2021. Google began pushing to make MFA its default for all users. The Biden administration even required all federal agencies and contractors to implement MFA in its Executive Order on Improving the Nation’s Cybersecurity.

MFA adds in extra layers of verifying a user’s identity so that attackers cannot compromise an account solely with credentials. It includes measures such as biometric access (e.g., fingerprints), personal information, and codes sent to a second device or account.