Question OPAA-07
Does your application and/or user-frontend/portal support multifactor authentication (e.g., Duo, Google Authenticator, OTP, etc.)?
| Weight | 15 |
| High Risk | No |
| Required | Yes |
| Compliant Answer | Yes |
Standard Guidance
EDUCAUSE provides no guidance here
Answering "NO"
Describe any plans to support multifactor authentication in your application.
Answering "YES"
Provide a description of MFA support
Reason for Question
2FA/MFA, implemented correctly, strengthens the security state of a system. 2FA/MFA is commonly implemented and in many use cases, a requirement for account protection purposes.
Follow-Up Inquiries
Ask the vendor about hardware and software options, future roadmap for implementations and support, etc.
HECVAT Pro Advice
[Add expert insights and best practices]
Implementation Tips
[Add practical steps for SME SaaS vendors]
FAQ
[Add common questions related to this HECVAT item]
Resources
[Add links to relevant articles or tools]