Multi-Factor Authentication (MFA) is a crucial security measure that requires users to present multiple forms of verification to access their account. It could be an amalgamation of what you know (like a password), what you possess (like a physical token), or who you are (like a fingerprint).

The primary purpose of MFA is to offer an extra layer of security and keep unauthorized access to your account at bay. If someone manages to acquire your password, they would still need the second factor to access your account. This significantly increases the complexity for them to gain unauthorized access.

At Rocket Money, we prioritize your security. Hence, we have incorporated MFA as part of our login process. It is a crucial step towards ensuring that your account and personal information are well-protected.

Rocket Money’s MFA practices can be divided into two distinct phases:

During the enrollment phase, you get to choose your preferred method for receiving your authentication code, also known as a "one-time passcode" (OTP). You have the following choices for receiving your OTP:

We currently support Google Authenticator, Microsoft Authenticator, and Duo as approved Authenticator Apps.

Once you've enrolled in our MFA practices, you'll be required to authenticate your account every 45 days by entering an OTP during the sign-in process. This 45-day cycle is contingent on whether you have enabled device Biometrics in your phone settings.