
Cyber Snapshot - MFA

Overview

Multi-Factor Authentication (MFA) and Two-Factor Authentication (2FA) are recommended security features that, once enabled, provide an added layer of protection for the user or account holder. With the current threat landscape, passwords alone are no longer sufficient to secure user accounts, especially weak passwords that are less than 16 characters in length.

There are three categories of MFA:

  • Something you know: This includes passwords, Personal Identification Numbers (PINs) or answers to security questions.
  • Something you have: This refers to a physical item, such as a smartphone with an authenticator app, a hardware security key, or a code sent via text message.
  • Something you are: This category includes biometrics like fingerprints, facial recognition, or voice scans.

As cyber threats continue to evolve, many organizations are moving away from relying solely on passwords, since they are easily compromised. Implementing MFA/2FA adds a critical layer of protection, ensuring that even if one factor of authentication is exposed, unauthorized access remains highly unlikely. However, not all MFA/2FA methods are created equal. The MC3 recommends prioritizing authenticator applications over push notifications, as push notifications delivered to an email address can be intercepted when that email account is compromised.

Types of MFA/2FA Technologies

Biometric authentication

Biometric technologies are a form of authentication that accurately and securely validates users through their devices. The most common biometric modalities are fingerprint scans and face recognition. Biometric authentication also includes behavioral biometrics, which provide an invisible layer of security by continuously authenticating an individual based on the unique ways they interact with their computer or mobile device, such as keystrokes, swipe patterns, mouse movements, and more.

Hardware tokens

Hardware authenticators are small, easy-to-use devices that an owner carries to authorize access to a network service. By supporting strong authentication with one-time passcodes (OTPs), the physical tokens provide a possession factor for MFA while enabling enhanced security.

Mobile authentication

Mobile authentication is the process of verifying a user via their Android or iOS device, or verifying the device itself. This technology allows users to log in to secure locations and access resources from anywhere with enhanced security.

Out-of-band authentication

This authentication type requires a secondary verification method through a separate communication channel, typically the person’s Internet connection and the wireless network on which their mobile phone operates.

Push notification

Push notifications deliver an authentication code or one-time passcode on the user’s mobile device. Unlike Short Message Service (SMS) messages, the notification appears on the device’s lock screen.

SMS text message or voice message

One-time passcodes are delivered to the user’s mobile device through either an SMS text message or a voice message.

Soft token

Software authenticators, also known as app-based tokens, generate a one-time PIN. These software tokens are often used in MFA scenarios where the user’s device, such as a smartphone, serves as the possession factor.

Conclusion

Multi-Factor Authentication (MFA) strengthens account security by requiring users to verify their identity through at least two different methods. Even if a password is compromised, MFA adds an extra layer of protection that makes it much more difficult for cybercriminals to access sensitive information, helping defend against threats such as data breaches and credential theft.


November 21, 2025
CS-06-2025