Multi-Factor Authentication (MFA / 2FA)

Multi-factor authentication (MFA) requires users to present two or more authentication factors — typically password plus a TOTP code, push notification, or hardware token. MFA is the single most effective defence against credential-based attacks on a virtual data room.

European VDR procurement should require MFA enforcement on all users by default. Most major providers offer MFA out of the box.

Last updated: May 2026.