To better protect the Postal Service from cyberthreats, the organization is changing the way employees and contractors sign into USPS applications.
The new verification method is called multifactor authentication, or MFA, and it requires users to provide two or more confirmations to sign into an application, an online account or a virtual private network.
These confirmation methods include having a user enter an ID and password, and then entering a code sent by text or from a smartcard, authenticator app or hardware token, which is often called a key fob.
Facial or voice recognition, as well as fingerprints, can also be used in multifactor authentication.
The USPS Corporate Information Security Office is working with groups across the organization to prioritize the addition of multifactor authentication to approximately 275 applications that contain sensitive-enhanced data.
The top 40 applications deemed most important to the running of the organization will get multifactor authentication by Dec. 31, 2023. This includes PostalEASE, an application used by more than 650,000 postal employees.
Multifactor authentication is part of the Postal Service’s Zero Trust strategy. More information about MFA at USPS can be found on Blue.