Multifactor Authentication (MFA) FAQ

A: Multifactor Authentication (MFA) refers to an additional layer of security that is added to the login process when accessing a tool. It increases security by requiring you to use both something you know (e.g., your username and password) and something you have (e.g., email address, mobile phone number) when you log into our user interface. This should make it more difficult for an unauthorized person to access your account; they should not be able to access it just by knowing your password.

A: All external facing Freddie Mac technology tools accessed via a user interface that require users to log in and authenticate are protected with MFA.

No, MFA does not apply to S2S accounts.

A robotic process automation (RPA), also known as a “bot,” refers to functions that have been programmed to perform repetitive activities without human interaction. Some RPAs include automated steps to log into an account with user credentials to perform the functions a human would normally execute. If your organization uses RPAs/bots to log into Freddie Mac tools, your process may require additional programming to accommodate MFA.

While MFA doesn’t need to be applied to bot accounts currently, we continue to review our policies and may later determine that MFA will be extended to bot accounts. Prior to making the change to have MFA extended to bot accounts, we’ll provide advance notice and details to allow sufficient time for development, testing and adoption.

No, MFA will add one additional step to your sign-on process and will be quick and easy. The experience should be a familiar process that you may already be using for other online accounts to increase security.

You’ll need to re-authenticate and complete your MFA verification every 24 hours on each trusted device (computer or phone) and each browser you use (e.g., Google Chrome, Microsoft Internet Explorer or Mozilla Firefox). You’ll also need to re-authenticate whenever you clear your cache.

For additional information about MFA as well as setup requirements and guidelines, refer to the Help Guide: Introduction to MFA.

The following table describes the methods currently available for MFA.

It is highly recommended that you enable a secondary authentication method in the event your primary device is not available at the time you are attempting to access a Freddie Mac tool.

Freddie Mac allows the use of your personal devices for MFA. You are responsible for ensuring that any such use complies with your employer’s policies, procedures and requirements.

You can make changes to your authentication settings for each registered device by visiting the MFA Management portal. For instructions, please refer to the Help Guide: Introduction to MFA.

Please check your junk or quarantine folders within your mailbox. If you encounter issues receiving emails during the registration process, you can click “Cancel” to exit the email registration, close your browser and then log back into the application and elect to register PingID Mobile application. If you encounter issues receiving emails after the registration process is complete, you can elect to “Change Method” and select PingID Mobile application to send the security passcode (OTP). You may need to speak with your IT staff to determine if they are able to allow emails from [email protected]. If these methods do not resolve your issue, please contact the Customer Support Contact Center (800-FREDDIE), option 1 for access.

If you encounter issues, please contact the Customer Support Contact Center (800-FREDDIE) , option 1 for access.

If you forget or lose one of your MFA devices, you can use an alternative MFA method that you’ve established. You should also make sure to remove that method of contact from the MFA Management portal. If you encounter issues, please contact the Customer Support Contact Center (800-FREDDIE), option 1 for access.

No. Freddie Mac views MFA as an important additional layer of security. If you have concerns with how this may impact you, please contact the Customer Support Contact Center (800-FREDDIE), option 1 for access.

It’s a self-service portal that allows you to manage your devices. To access the management portal, select your user icon on the top right and a drop-down list will appear. From there, select “Devices” to be directed to your Manage Devices page where you can add, delete, and change your primary or secondary MFA device.

Unfortunately, at this time we do not support PingID mobile application for authenticating into Freddie Mac tools. However, starting June 30, 2024, we will begin supporting PingID mobile application for MFA.