What is MFA and how does it work?

Multi-factor Authentication (MFA), sometimes also referred to as Second-factor Authentication or 2FA, is an additional layer of security designed to prevent unauthorized access to your account and other data within NerdWallet.

MFA relies on two forms of authentication, something you know and something you have, to verify your identity. The thing you know is often your password, but can also be a "passwordless" one-time login code you receive by email. The thing you have with you can be a mobile device or token. This means that even if your password is hacked, your account will remain secure.

How do I set up MFA for my NerdWallet account?

If you have not been prompted to enroll in MFA and would like to, login to your NerdWallet Account and refer to our how-to guide.

What are my MFA options? 

You will be able to select a single authentication method when you enroll in MFA, which you can change or update at any time. 

Current options:

• Third Party Authentication App - An example would be the Google Authentication app. The authenticator app will generate a verification code that updates every 30 seconds. You will be asked to enter the most current verification code within NerdWallet’s MFA verification screen. 
  
  
• SMS - A text message with a 6-digit code is sent to your mobile device that you will input to complete the authentication process. 

What’s the difference between the TransUnion SMS and MFA? 

TransUnion has its own SMS verification method that is required to link and share your account data with NerdWallet. NerdWallet’s MFA SMS method is an additional layer of security that is separate from TransUnion’s SMS verification method.

Can I enroll in more than one MFA method?

At this time, you can only have one active MFA method at a time and will need to choose between using SMS or a One-Time Passcode.

How do I remove or change my existing MFA method?

If you need to remove or change your existing MFA method please refer to our how-to guide

How do I remove an old phone number and add a new phone number as an MFA method?

If you need to remove or change your existing MFA factor method please refer to our how-to guide

What if I lose or replace my phone and have a new phone number? 

If you lose or replace your device or have a new number and haven't already set up MFA from your new device, we'll need to verify your identity in order to reset your MFA method. The process can take some time, so please be patient as we work to ensure your security and privacy while also resetting your account access.

One way to avoid this issue is to generate and safely/securely record your recovery codes. Please do this whenever you set or update your MFA method!

If you do need help resetting your MFA method, please reach out to support@nerdwallet.com or chat with us to start a support request. Our support team will be happy to help!