An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

News | Oct. 10, 2023

CSAM 2023 Week 1: Enabling multifactor authentication

By DCMA Information Technology

FORT GREGG-ADAMS, Va.  –  

Defense Contract Management Agency’s Information Technology Cybersecurity team champions Cybersecurity Awareness Month, known as CSAM, to ensure good cyber habits. With the holiday online purchasing season approaching, October is the ideal time for personnel to learn about their cyber presence and the role cybersecurity plays in keeping DCMA, its customers and the warfighter secure.

Week One focuses on using multifactor authentication, known as MFA.

What is MFA?

Using just a password nowadays isn’t enough to protect ourselves online. Also referred to as two-factor authentication and two-step factor authentication, MFA is a security measure that requires anyone logging into an account to undergo a two-step verification process to prove their identity. This method makes it much harder for criminals to access an online account. Always enable this option whenever it’s available for extra account protection.

How does MFA work?

The first step is logging into an account as usual and entering the password or passphrase. The second step is providing an additional way of proving the account is yours. Examples of this secondary authentication method are:

  • A code sent to via text or email
  • An additional personal identification number, commonly known as a PIN
  • The answer to a security question like, “What’s your favorite pet’s name?”
  • A biometric identifier like facial recognition or a fingerprint
  • A yes or no button or unique number generated by an authenticator app
  • A secure token, which is a separate piece of hardware like a key fob that verifies a person’s identity with a database or system

Which accounts offer MFA?

Not every online account offers MFA, but it’s most likely available on those that hold financial or personal information such as financial institutions, online stores or social media platforms. These types of accounts are constant targets for fraud and hacking and should always be protected using MFA.

For more information about MFA and other cybersecurity topics, visit the Cybersecurity and Infrastructure Security Agency website or the Cybersecurity Awareness Month webpage on DCMA 365 (employee login required).

Related Stories

Tech team wins cybersecurity award
National Cybersecurity Awareness Month cybersecurity CSAM