You chose a strong password. You’ve never written it down. You change it every few months.
That used to be enough.
It isn’t anymore.
Cybercriminals have developed sophisticated tools to crack, guess, or steal passwords. This theft often happens without your knowledge. A leaked password from a data breach you didn’t cause, a phishing email designed to look legitimate, or a login attempt from the other side of the world are the realities of managing a digital life today.
At CDF Capital, we believe wise digital stewardship is part of protecting what God has entrusted to you. Just as you safeguard your financial resources, protecting your online accounts is an essential act of stewardship.
Multi-factor authentication (MFA) is an effective tool for doing so.
What Is Multi-Factor Authentication?
Multi-factor authentication adds a second (or third) layer of verification when you log in to an account. Instead of relying on just your password, MFA requires you to confirm your identity through at least one additional step.
These additional steps typically fall into three categories:
1. Something you know—a PIN or security question
2. Something you have—a text message code, authenticator app, or hardware key
3. Something you are—a fingerprint or face recognition
Even if cybercriminals obtain your password, MFA dramatically reduces the risk of unauthorized access because you have an extra layer of protection. MFA works best when paired with a strong, unique password for every account.
Where You Should Enable MFA Today
Not all accounts carry the same risk, but some deserve immediate attention:
Financial and investment accounts. Any account that processes or manages funds should use multi-factor authentication, including your CDF Capital account, banking apps, and retirement platforms.
Email. Your inbox often connects to every other account. Your email deserves the same care and protection as your most sensitive financial accounts.
Ministry platforms and giving portals. The stewardship of your church’s financial data and donor records is a trust worth protecting.
Cloud storage and document services. If sensitive files live in Google Drive, Dropbox, or similar platforms, protect access with MFA.
Choosing the Right MFA Method
While text message verification is a helpful first step, authenticator apps provide a higher level of security. These apps generate time-sensitive codes that refresh every 30 seconds and are not subject to the interception risks associated with text messages. They offer stronger protection for financial and email accounts.
Rob Bedley, our Director of Technology Services, shares this important tip:
If setting up an authenticator app feels overwhelming, start with what you can do right now. Text message verification is a meaningful step forward. The goal is to add a layer of protection and then strengthen it over time.
A Note on Account Recovery
When you enable MFA, store your backup codes in a secure location. Print a copy and put it in a lockbox or use a password manager. If you lose access to your phone, these codes will help you regain access.
Never store backup codes in your email inbox. If your email is compromised, those codes would also be accessible to cybercriminals.
Wise Stewardship in a Digital World
Protecting your financial accounts is one of the most practical expressions of stewardship. Enabling MFA takes less than 15 minutes, but that small time commitment can prevent the kind of loss that takes far longer to recover from.
If you have questions about the security of your CDF Capital account, reach out to us directly. We are here to walk with you every step of the way.
Stay alert.
Stay wise.
Stay CyberSmart.
