Veterans Opt for More Security with Multi-Factor Authentication
In today’s world, we’re all challenged daily to protect our privacy and security, whether it’s making online purchases, filing taxes, or accessing and managing online services and accounts. This is true in our personal lives and it’s true for Veterans and VA. The good news is that a record number of Veterans are now choosing VA’s multi-factor authentication (MFA) option—verifying their identity through more than one channel, such as a password and a text message code. This capability adds another level of security when Veterans log in to access and manage VA services and benefits. “It’s great to see our Veteran user community embrace this option,” stated Charles Worthington, Chief Technology Officer at the U.S. Department of Veteran Affairs’ (VA) Office of Information and Technology (OIT). “Multi-factor authentication is currently optional, but obviously it’s a popular choice.”
MFA enhances the security of VA’s digital interfaces, providing additional levels of protection. VA’s MFA allows users to select from assorted authentication methods that further protect the Veteran’s identity. MFA combines more than one authenticator types based on information users know (e.g., a username and password) and information users receive (e.g., a code sent to the user’s mobile phone via text message). The MFA approach safeguards user accounts from impersonation attempts and keeps them secure if a user’s username and password are ever compromised. MFA also prevents potential account takeovers during additional online logins.
In 2016, VA deployed multi-factor authentication to Vets.gov users via the MFA platform ID.me. MFA logins are now possible on DSLogon, MyHealtheVet, and VA.gov. As of May 2019, one million unique users have opted for MFA security, and the number of MFA-protected login events increased from one million to five million from February 2018 to February 2019. VA OIT expects to surpass ten million login events using MFA this summer.
MFA is a credential that can be used anywhere on any device. And while MFA is not required to set up a VA.gov account, it is required for some functions for VA.gov. For example, if users want to perform certain privacy-sensitive functions on VA.gov, such as accessing medical records, users will be prompted to set up multi-factor authentication. Regardless of a Veteran’s age, gender, or location of residence—including overseas—VA provides the opportunity for every Veteran to secure their accounts.
For additional information on VA OIT’s MFA, visit the ID.me website.