SF.FreddieMac.com

Multifactor Authentication (MFA) FAQ

Toggle all accordion sections
  1. What is Multifactor Authentication (MFA)?
    Multifactor Authentication (MFA) refers to an additional layer of security that is added to the login process when accessing a tool. It increases security by requiring you to use both something you know (e.g., your username and password) and something you have (e.g., email address, mobile phone number) when you log into our user interface. This will make it more difficult for an unauthorized person to access your account; they should not be able to access it just by knowing your password.
  2. What tools and systems will be protected with MFA?
    All external facing Freddie Mac technology tools accessed via a business user interface that require users to log in and authenticate will be protected with MFA starting March 4, 2022.
  3. Does MFA apply to system-to-system (S2S) accounts?
    No, MFA does not apply to S2S accounts.
  4. What if our organization uses RPAs or ‘bots’ with a human user account to access Freddie Mac tools?
    A robotic process automation (RPA), also referred to as a “bot,” refers to functions that have been programmed to perform repetitive activities without human interaction. Some RPAs include automated steps to log into an account with user credentials to perform the functions a human would normally execute. If your organization uses RPAs/bots to log into any of the Freddie Mac tools, your process may require additional programming to accommodate MFA.
     
    While MFA does not need to be applied to BOT accounts in 2022, we expect new guidance to be issued for BOT security in 2023. We will provide advance notice and details as future security  requirements are defined to allow sufficient time for development, testing and adoption.
  5. When will MFA be turned on?
    We will enable MFA March 4, 2022. Please begin to prepare for this change.
  6. Will MFA make my single sign-on (SSO) experience more difficult?
    No, MFA will add one additional step to your sign-on process and will be quick and easy. The experience should be a familiar process that you may already be using for other online accounts to increase security.
  7. How often do I have to re-authenticate?

    You will need to re-authenticate and perform the additional 6-digit sign-on process every 24 hours on each trusted device (computer or phone) and each browser you use (e.g., Google Chrome, Microsoft Internet Explorer or Mozilla Firefox). You will also need to re-authenticate whenever you clear your cache.

  8. Where do I find more information on getting started with MFA?
    For additional information on the changes with MFA as well as setup requirements and guidelines, refer to the MFA user guide.
  9. What are my authentication options?

    You will be able to use an email address, text or phone number, which you can change or update at any time. Options are outlined below:

    Verification Method
    Description
    Email Address
    A six-digit, one-time passcode notification is sent to the email address on your user profile that you will enter to complete the authentication process.
    Text Message
    A text message with a six-digit, one-time passcode is sent to your mobile device that you will enter to complete the authentication process.
    Phone Calls
    A call is placed to the phone number provided and the six-digit, one-time passcode will be verbally communicated for you. Enter this code to complete the authentication process.
  10. How many devices should I register?
    It is highly recommended that you enable two or more secondary authentication devices in the event your primary device is not available at the time you are attempting to access a Freddie Mac tool.
  11. Can I use my personal device for MFA?
    Yes, Freddie Mac allows the use of your personal device for MFA.
  12. How can I update my authentication email address?
    You can make changes to your email address by using the “Update My Profile” option in Freddie Mac Access Manager.
  13. How do I change or update my authentication method?
    Starting March 4, will be able to make changes to your authentication settings for each registered device by visiting the MFA Management portal. For instructions, please refer to the MFA user guide.
  14. What if I do not receive a security passcode to the cell phone number in my profile?
    Please request that the one-time passcode be resent. If you still encounter issues, please contact the Customer Support Contact Center at 800-FREDDIE (800-373-3343), option 1 for access.
  15. What if I do not receive emails with a security passcode?
    Please check your junk or quarantine folders within your mailbox. If you encounter issues receiving emails during the registration process, you can click “Cancel” to exit the email registration, close your browser and then log back into the application and elect to register SMS and/or Voice. If you encounter issues receiving emails after the registration process is complete, you can elect to “Change Method” and select SMS or Voice to send the security passcode (OTP). You may need to speak with your IT staff to determine if they are able to allow emails from [email protected]. If these methods do not resolve your issue, please contact the Customer Support Contact Center at 800-FREDDIE (800-373-3343), option 1 for access.
  16. What if I experience issues with MFA?
    If you encounter issues, please contact the Customer Support Contact Center at 800-FREDDIE (800-373-3343), option 1 for access.
  17. What if I lose my MFA device?
    If you forget or lose one of your MFA devices, you can use an alternative MFA method that you’ve established. You should also make sure to remove that method of contact from the MFA Management portal. If you encounter issues, please contact the Customer Support Contact Center at 800-FREDDIE (800-373-3343), option 1 for access.
  18. Can I opt out of MFA?
    No. Freddie Mac wants to help our clients protect their information and MFA is an additional layer of security that will enable us to do so. If you have concerns with how this may impact you, please contact the Customer Support Contact Center at 800-FREDDIE (800-373-3343), option 1 for access.
  19. What is the MFA Management portal?
    It’s a self-service portal that allows you to manage your devices. To access the management portal, select your user icon on the top right and a drop-down list will appear. From there, select “Devices” to be directed to your Manage Devices page where you can add, delete and change your primary MFA device, including managing your phone number.
  20. I registered PingID Mobile Application device through the management portal. Why can’t I use it for authenticating?
    Unfortunately, at this time we do not support PingID Mobile Application for authenticating into Freddie Mac tools. We continue to research this authentication option and may make it available in a future release.