Skip to main content
SF.FreddieMac.com

Multifactor Authentication (MFA) FAQ

Disclaimer

This information is not a replacement or substitute for the requirements in the Freddie Mac Single-Family Seller/Servicer Guide and other Purchase Documents.

Toggle all accordion sections
  1. What is Multifactor Authentication (MFA)?

    A: Multifactor Authentication (MFA) refers to an additional layer of security that is added to the login process when accessing a tool. It increases security by requiring you to use both something you know (e.g., your username and password) and something you have (e.g., email address, mobile phone number) when you log into our user interface. This should make it more difficult for an unauthorized person to access your account; they should not be able to access it just by knowing your password.

  2. What tools and systems will be protected with MFA?

    A: All external facing Freddie Mac technology tools accessed via a user interface that require users to log in and authenticate are protected with MFA.

  3. Does MFA apply to system-to-system (S2S) accounts?

    No, MFA does not apply to S2S accounts.

  4. What if our organization uses RPA, or bots, with a human user account to access Freddie Mac tools?

    A robotic process automation (RPA), also known as a “bot,” refers to functions that have been programmed to perform repetitive activities without human interaction. Some RPAs include automated steps to log into an account with user credentials to perform the functions a human would normally execute. If your organization uses RPAs/bots to log into Freddie Mac tools, your process may require additional programming to accommodate MFA.

    While MFA doesn’t need to be applied to bot accounts currently, we continue to review our policies and may later determine that MFA will be extended to bot accounts. Prior to making the change to have MFA extended to bot accounts, we’ll provide advance notice and details to allow sufficient time for development, testing and adoption.

  5. Will MFA make my sign-on experience more difficult?

    No, MFA will add one additional step to your sign-on process and will be quick and easy. The experience should be a familiar process that you may already be using for other online accounts to increase security.

  6. How often do I have to re-authenticate?

    You’ll need to re-authenticate and complete your MFA verification every 24 hours on each trusted device (computer or phone) and each browser you use (e.g., Google Chrome, Microsoft Internet Explorer or Mozilla Firefox). You’ll also need to re-authenticate whenever you clear your cache.

  7. Where do I find more information on getting started with MFA?

    For additional information about MFA as well as setup requirements and guidelines, refer to the Help Guide: Introduction to MFA.

  8. What are my authentication options?

    The following table describes the methods currently available for MFA.

    Verification Method
    Description
    Email Address
    A six-digit, one-time passcode notification is sent to the email address on your user profile that you will enter to complete the authentication process.
    PingID
    The PingID mobile application is a user-friendly solution designed to improve the security of logins and verify an end user’s identity through MFA.
  9. How many devices should I register?

    It is highly recommended that you enable a secondary authentication method in the event your primary device is not available at the time you are attempting to access a Freddie Mac tool.

  10. Can I use my personal device for MFA?

    Freddie Mac allows the use of your personal devices for MFA. You are responsible for ensuring that any such use complies with your employer’s policies, procedures and requirements.

  11. How do I change or update my authentication method?

    You can make changes to your authentication settings for each registered device by visiting the MFA Management portal. For instructions, please refer to the Help Guide: Introduction to MFA.

  12. What if I do not receive emails with a security passcode?

    Please check your junk or quarantine folders within your mailbox. If you encounter issues receiving emails during the registration process, you can click “Cancel” to exit the email registration, close your browser and then log back into the application and elect to register PingID Mobile application. If you encounter issues receiving emails after the registration process is complete, you can elect to “Change Method” and select PingID Mobile application to send the security passcode (OTP). You may need to speak with your IT staff to determine if they are able to allow emails from [email protected]. If these methods do not resolve your issue, please contact the Customer Support Contact Center (800-FREDDIE), option 1 for access.

  13. What if I experience issues with MFA?

    If you encounter issues, please contact the Customer Support Contact Center (800-FREDDIE) , option 1 for access.

  14. What if I lose my MFA device?

    If you forget or lose one of your MFA devices, you can use an alternative MFA method that you’ve established. You should also make sure to remove that method of contact from the MFA Management portal. If you encounter issues, please contact the Customer Support Contact Center (800-FREDDIE), option 1 for access.

  15. Can I opt out of MFA?

    No. Freddie Mac views MFA as an important additional layer of security. If you have concerns with how this may impact you, please contact the Customer Support Contact Center (800-FREDDIE), option 1 for access.

  16. What is the MFA Management portal?

    It’s a self-service portal that allows you to manage your devices. To access the management portal, select your user icon on the top right and a drop-down list will appear. From there, select “Devices” to be directed to your Manage Devices page where you can add, delete, and change your primary or secondary MFA device.

  17. I registered PingID mobile application device through the management portal. Why can’t I use it for authenticating?

    Unfortunately, at this time we do not support PingID mobile application for authenticating into Freddie Mac tools. However, starting June 30, 2024, we will begin supporting PingID mobile application for MFA.