Why You Need to Say 'Yes' to Multifactor Authentication

Purchasing a home is typically the largest and most significant investment of our lives. It's a milestone interwoven with personal dreams, aspirations, and an immense amount of confidential information.

Real estate agents, brokers, and their MLSs are more than just facilitators of a home purchase – you are stewards of trust, responsible for managing, protecting, and maintaining the confidentiality, integrity, and security of sensitive information on behalf of buyers and sellers.

Trust remains the core reason most people select a real estate agent. According to research from the National Association of Realtors, 97 percent of consumers said honesty and integrity were the most important traits for a real estate agent. Agents, brokers, and MLSs must ensure that their clients' personal details, financial records, and other sensitive data are kept secure and confidential.

When clients choose to work with you, they entrust you with the most personal and confidential information they will ever share in a purchase transaction. In our digital era, where anyone can access data from anywhere at any time, you must actively protect personal information.

Real estate in the crosshairs

Security company Astra reports an average of 2,200 cyberattacks per day in the U.S. across all industries, and real estate is fast becoming a preferred target. According to leading cyber security firm Octiv, bad actors were responsible for 75 real estate industry breaches last year, including well-publicized ransomware incidents that delayed some property closings for weeks, costing the industry more than $50 million. The experts at Octiv recently warned at a CoreLogic conference of MLS executives that real estate is becoming a bigger target for hackers than ever.

The problem with passwords

Security experts say the challenge for real estate is that the passwords we use to protect access to our systems and the personal information of clients on those systems are not enough. Research by NordPass documents the widespread use of poor passwords in every industry, not just real estate. However, real estate is particularly vulnerable because of the size of these transactions, the wiring of large amounts of funds, and the disclosure of buyers' and sellers' deep financial and personal details.

Multifactor authentication offers a solution

Despite efforts to strengthen password use, NordPass research shows that these efforts are a massive failure overall in the U.S.

The growing solution to our password problems is multifactor authentication. Multifactor authentication (MFA) requires users to provide two or more forms of identification to access an account. These factors can include something you know (like a password), something you have (like a smartphone), or something you are (like a fingerprint or biometric scan). MFA ensures that even if one of your credentials is compromised, unauthorized access to your account is still blocked.

By requesting multiple forms of identification, MFA makes it significantly harder for hackers to gain unauthorized access to your accounts. Requiring more than one form of identification provides vastly more robust security protection than using even a complex password.

How MFA works

Think of MFA as adding a deadbolt lock to your door – even if someone has the key (your password), they still can't get in without the second one, and that additional form of authentication is your added protection.

Common steps to an MFA process:

• Step 1 – You enter your email address or mobile number.
• Step 2 – You are sent a one-time link to access your account.
• Step 3 – After you click on the link, you are prompted to enter a one-time numerical code (with a short expiration) sent via your account registered email or mobile number.
• Step 4 – You enter the code provided and get access to your account.

Another MFA approach begins with prompting you for your username and password. Once verified, you are taken to a page requiring you to enter a one-time code, either to your registered email or mobile number associated with your account. The code has a short expiration, so you must enter that code quickly to obtain access to the account.

A little pain for a lot of gain

While MFAs are quickly becoming standardized in real estate, this has not been without resistance. MLSs and brokerages don't like the idea of "forcing" their users to change. Change is hard, especially when the behavior you are trying to change is among independent private contractors.

Overall, many agents don't like the idea that they might have to take extra steps to log in and would rather use a password. Again, the problem tech companies face is that password strength is abysmal overall. In fact, the Nordpass study found that "123456" and "password" are still among the most commonly used passwords in America.

Our weak password culture is a ticking time bomb, waiting to be exploited by hackers. Multifactor authentication creates a layer of security that solves the password problem by requiring additional forms of identification, making it exponentially harder for unauthorized users to gain access.

MFA is your digital bodyguard

Yes, multifactor authentication may occasionally require a little more work to access your accounts, but its extra protection is more than worth it. Consider the potential consequences of a security breach: lost client trust, financial losses, and damage to your professional reputation. Verifying your identity takes only a few extra seconds. Think of it as an investment in the long-term security of your business.

Imagine this scenario: A hacker gains access to your email account and starts sending fraudulent messages to your clients, requesting sensitive information or funds. The damage to your reputation and client relationships could be irreparable. Now, consider the same scenario with MFA enabled. Even if the hacker obtains your password, they won't be able to access your account without the second form of authentication, effectively stopping the attack in its tracks.

The minor inconvenience of an extra login step – or two – pales in comparison to the potential consequences of a breach.

Artificial intelligence is improving MFA

One valuable and practical benefit of artificial intelligence is that it is making the MFA process less frequent. Known as "adaptive authentication," it uses built-in AI and machine learning to selectively decide and deploy MFA only when it determines it is required.

CoreLogic recently rolled out adaptive authentication as part of its Clareity security offering to deter unauthorized users, bots, and deceptive login attempts in real time. By learning your behavior patterns, it can instantly spot potentially nefarious activity.

For example, if you normally log in from Miami but MFA sees you are attempting to log in from Moscow, it will deploy MFA. Otherwise, when it recognizes you accessing your Single Sign-On dashboard from the same place, you will be able to sign in without additional authentication.

Better to be safe than sorry

Cyber threats are becoming increasingly sophisticated in the real estate industry. Embracing multifactor authentication is no longer a choice but a necessity.

Keep in mind that whenever you struggle to use any new technology, Tech Helpline analysts can help. This service is available to over 750,000 Realtors in North America as a member benefit from their MLS or association.

Saying "yes" when asked to opt into MFA helps uphold the trust your clients place in you, safeguarding the very foundation of your business – and our industry.

Related reads

From the Tech Helpline Blog:

• 4 Ways to Improve Your Cybersecurity
• 6 Reasons Not To Use Similar Passwords And The Best Alternatives
• Is Your Computer Protected from All The Newest Cyber Threats? A Quick Checklist

Tricia Stamper is Director of Technology at Florida Realtors®, which owns both Tech Helpline and Form Simplicity.