Information Security

Multifactor Authentication Deployed to USPS Applications

To further protect the United States Postal Service® (USPS®) from growing cyberthreats, multifactor authentication (MFA) is being deployed on USPS applications.

As one of the most powerful tools available to prevent cybercriminals from attacking a network, MFA is a verification method requiring a user to provide two or more confirmation factors to gain access to an application, online account, or virtual private network.

In general, the verification methods include:

n A knowledge factor. Enter User ID and password.

n A possession factor. Use a text message code, smartcard, authenticator app, or hardware token (also known as a key fob).

n A biometrics inheritance factor. Verify using facial or voice recognition and fingerprints.

In partnership with groups across USPS, the Corporate Information Security Office is prioritizing approximately 275 sensitive-enhanced USPS applications for MFA (with the top 40 targeted for implementation by December 31, 2023). This includes PostalEASE, an application used by more than 650,000 Postal Service™ employees.

Multifactor authentication is part of the USPS Zero Trust strategy — for more information about this effective security tool, visit the following resources:

n The Zero Trust page at blue.usps.gov/itweb/ciso/zero-trust.htm.

n The MFA page on Blue at blue.usps.gov/itweb/ciso/identity-access-management/mfa.htm.