The IRS and its Security Summit Partners urge employers to use multi-factor identification for logins. Multi-factor authentication requires a second method of verification, such as a security code sent to a mobile device, a PIN number or a fingerprint to be used in addition to a user name and password before accessing a site. This two-step authentication ensures a malicious actor with a user name and password cannot access a website without the second step verification information.
Multi-factor authentication should be used when available. Click here for a link to other IRS security tips.