= Multi-factor authentication at MBS =
In the coming weeks, MBS will roll out authentication with a so-called second factor (2FA). But what is this and why is it needed?

Authentication is the technical term for logging into an IT system. Currently, this is based on one factor. This is your password. However, a password alone is no longer considered secure—and the IT security incidents of recent weeks and months, also here at MBS, confirm this. 
For this reason, we will be requiring at least two factors for logging in (multi-factor authentication, MFA). In addition to your password, you will need one of the following options:
1. After entering your password, you must confirm your login in an app ([wiki:public/register_mfa_de#mfa_option1_en Option 1]).
1.    In addition to the password, you will need a code displayed by an app (app on your cell phone, [wiki:public/register_mfa_en#mfa_option2_3_en Option 2]).
1.    The code can also be obtained from an app on your laptop ([wiki:public/register_mfa_en#mfa_option2_3_en Option 3]).
1.    Alternatively, the code can be obtained via a phone call ([wiki:public/register_mfa_en#mfa_option4_en Option 4]).
In addition, there is the option of using a special USB stick (“FIDO2” stick), which must always be plugged in to log in.

The options are listed in the order in which I recommend them. 

On site at MBS (or when connected via VPN), __no__ second-factor authentication is required.

''__Note for employees__: Since you will need to use your personal smartphone for options 1 and 2, I can only offer these options. However, options 3 and 4 only require equipment provided by the employer.''

Introduction phase:
a. January 18, 2026: Mandatory for employees
a. January 25, 2026 (planned): Mandatory for all lecturers
a. Mid-February 2026 (exact date still to be confirmed): Mandatory for everyone (including students and alumni)

== Which option is best for me? ==
1. If you don't mind installing Microsoft Authenticator on your smartphone, use [wiki:public/register_mfa_en#mfa_option1_en Option 1].
1. If you want to use a different authenticator on your smartphone, use [wiki:public/register_mfa_en#mfa_option2_3_en Option 2].
1. If you do not want to use your smartphone, use [wiki:public/register_mfa_en#mfa_option2_3_en Option 3].
1. Option 4 is only a fallback if, for whatever reason, options 1 to 3 do not work ([wiki:public/register_mfa_en#mfa_option4_en Option 4]).

{{{
#!html
<div style="font-size: 150%;font-weight:bold;color: red;">Registration is required before using MFA!</div>
}}}
[wiki:public/register_mfa_en Register for MFA]