Two-Factor Authentication (2FA)

What is Two-Factor Authentication (2FA)?

Two-Factor Authentication (2FA) is a security method that requires two separate forms of identity verification before granting access to an account.

Traditionally, accessing a website or online service simply requires a username (or email address) and a password. Unfortunately, many people reuse the same credentials across multiple sites. If just one of those services suffers a data breach and exposes those credentials, an attacker could potentially gain access to every other account that shares them.

How does Two-Factor Authentication work?

2FA combats this risk by requiring a second, independent factor in addition to your username and password. This second factor usually takes the form of a One Time Password (OTP) - a unique, time-limited code.

Because this second factor is something only the genuine account holder can access, an attacker who has stolen your username and password still cannot log in without it.

What are the different types of 2FA?

There are several common methods of delivering the second authentication factor:

• Email: A unique one-time code is sent to your registered email address, which you then enter to complete login.
• Authenticator app: A code is generated by an authenticator app (such as Google Authenticator or Microsoft Authenticator) on your smartphone.
• SMS: A code is texted to your registered mobile number.

Two-Factor Authentication in MIDAS

All MIDAS room booking systems include optional Two-Factor Authentication, adding an extra layer of security to your booking data.

When 2FA via email is enabled, users are emailed a unique code upon login which they must enter to complete sign-in. When 2FA via an authenticator app is enabled, users instead enter a code generated by their authenticator app. This ensures that even if a MIDAS password is compromised, an attacker still cannot access the system without the second factor.