Skip to main content

Multi-Factor Authentication (MFA)

Devices using end-of-life operating systems are blocked from accessing FINRA systems. You will not be able to access FINRA systems until you upgrade to a supported version of the operating system. Please consult your IT provider for more information related to end-of-life operating systems.

Please contact the FINRA Support Center if you have questions about this implementation.

  • Broker-dealer Firms – (301) 869-6699
  • Funding Portals – (800) 321-6273
  • Investment Advisers Firms, Exempt Reporting Advisors – (240) 386-4848

ON THIS PAGE:

Overview


Multi-factor authentication (MFA) is an additional layer of security beyond the user ID and password that enhances security of your account, using another device to verify identity. It is required for all Super Account Administrators (SAAs) and Account Administrators (AAs) who have access to FINRA systems. This additional security control is provided by the vendor Cisco Duo. Users must enroll with a landline phone, smartphone or tablet to initiate MFA. As an enhanced security measure, you will be directed to the Duo website to complete MFA.

The enrollment steps only need to be completed once per account.

FINRA websites protected by MFA can be accessed from Windows or Mac computers running on one of the latest versions of the operating system. Duo Mobile app works with iOS and Android. Please note that end-of-life versions are not supported and all access will be blocked.

Sharing of account credentials to access FINRA systems violates FINRA security policy and is strictly prohibited. An account must be used only by the person for whom it is created.


  FINRA MFA Guide (PDF 1 MB)
 

Frequently Asked Questions


1Q: Can usernames or passwords be shared among multiple users within a firm?

1A: Sharing of account credentials to access FINRA systems violates FINRA security policy and is strictly prohibited. An account must be used only by the person for whom it is created.

2Q: Why has FINRA implemented MFA?

2A: Multi-factor authentication or MFA is one of the most effective security controls currently available to protect an organization against remote security attacks. If the credentials of a user are compromised, during the log in process, MFA can prevent a security breach through an additional verification process.

FINRA is committed to protecting its member firms’ data and systems from being exposed to any security vulnerabilities. Therefore, FINRA has mandated the use of MFA as an additional verification step for firms logging into FINRA systems.

3Q: How does MFA benefit my Firm?

3A: Passwords are increasingly easy to compromise. They can often be stolen, guessed, or hacked and a user might not even know someone is accessing their account. MFA adds a second layer of security, helping the account stay secure even if the password is compromised.

This second factor of authentication is separate and independent from an account’s username and password.

4Q: Is MFA mandatory?

4A: Yes, FINRA has mandated MFA for all organizations’ SAAs and AAs. Other users are not included at this time; FINRA will communicate the rollout for all other users once a schedule is established.

5Q: What do I do if I lost my phone?

5A: It is strongly recommended that you delete the lost device from your MFA settings; however, you must have at least two registered devices in order to delete the old one. Enroll your new device, then use Manage Devices to delete your lost or stolen phone as described in Section 4 of the FINRA MFA Guide.

If you are not able to log in to Duo Mobile at all, contact the FINRA Support Center at (301) 590-6500 to have your missing phone disabled and to get a one-time passcode so you can log on using that passcode.

6Q: How do I reactivate Duo Mobile?

6A: If you get a new phone, you will need to re-activate Duo Mobile. You may add/enroll your new device by using Manage Devices as described in Section 3 of the FINRA MFA Guide. Otherwise, contact the FINRA Support Center at (301) 590-6500 to reactivate Duo Mobile.

7Q: How do I receive push notifications from Duo Mobile?

7A: You may have trouble receiving push notifications if there are network issues between your phone and the Duo Mobile service. Many phones have trouble determining whether to use the WIFI or cellular data channel when checking for push notifications. To resolve this issue, if you have a reliable internet connection, turn the phone to airplane mode and then turn off airplane mode to return the phone to its normal operating mode. Similarly, the issue may be resolved by turning off the WiFi connection on your device and using the cellular data connection.

If the actions above do not resolve the issue, check the time and date on your phone and make sure they are correct. If the date and time on your phone are manually set, try changing your device's configuration to sync date and time automatically with the network.

If you cannot get Duo Push working on your own, log in with other options available in the Duo Mobile application, such as text message passcode, phone call, or bypass code (provided by the FINRA Support Center). Refer to Section 2 (Step 4) of the FINRA MFA Guide for details.

Need Help?

If you need assistance using MFA, contact the FINRA Support Center at (301) 590-6500.