Skip to content
CS Professional Suite

MFA is a necessary part of every firm’s security plan. Learn how to build it into yours

Thomson Reuters Tax & Accounting  

· 5 minute read

Thomson Reuters Tax & Accounting  

· 5 minute read

How to Stay a Step Ahead of Hackers

In today’s world, passwords can be easily stolen or hacked, putting your firm and your clients at risk. Firms of all sizes are regularly targeted by hackers — and every year, the IRS stops hundreds of thousands of confirmed identity theft returns, totaling billions of dollars.

Now, more than ever, you need to take additional security safeguards to protect your clients’ data.

Multi-factor authentication, or MFA, adds at least one more layer of identity verification, so your protection against hacking and fraud attempts is much stronger than a simple password.

Firms should consider MFA a necessary part of their security plan. Without it, a hacker could remotely log in to an application without your knowledge.

At Thomson Reuters, we work to help you stay one step ahead of the hackers. If you’re using the Thomson Reuters AuthenticatorTM mobile app, you’ll get an alert when logging into your application and you’ll need to approve access — so if it’s not you, you’ll know right away.

In addition to the Authenticator app, you can take advantage of four other MFA enhancements:

  • Syncing up multiple devices with MFA
  • One-time password (OTP) cards
  • Thomson Reuters Authenticator display card
  • Integration with other third-party MFA apps

There are several ways to protect your firm. We recommend you select both one primary method and a backup method.

Primary MFA methods include:

  • Thomson Reuters Authenticator app (recommended)
  • Thomson Reuters Authenticator display card
  • Third party app

Backup MFA methods include:

  • Thomson Reuters Authenticator display card (recommended)
  • Emergency codes (recommended)
  • Additional admins
  • Secondary mobile device

While some businesses use email and text verifications, security experts agree that these methods are no longer secure enough to depend on for authentication. Our recommendation is to use the Thomson Reuters Authenticator app as the primary method, and use emergency codes and/or the display card as backups.

By using MFA, you can stay ahead of the security curve and stand strong as your clients’ first line of defense against tax fraud.

To learn more about how to build your own security plan with Thomson Reuters, visit

More answers