Which of the following aspects should the technician emphasize as the most secure practice when deploying this MFA method?

An IT support technician is configuring multifactor authentication (MFA) for a secure application. The organization wants to use an authenticator app that generates time-based one-time passwords (TOTPs).

Which of the following aspects should the technician emphasize as the most secure practice when deploying this MFA method?
A . Requiring users to install the authenticator app on their corporate computers
B . Advising users to store backup codes in a secure but accessible location
C . Encouraging users to synchronize their app across multiple devices
D . Setting the TOTP to expire after each login session

View Answer

Answer: B

Explanation:

Correct Answer. B. Advising users to store backup codes in a secure but accessible location

When using authenticator apps that generate TOTPs, it’s critical to prepare for situations where a user might lose access to their device. Storing backup codes securely ensures that users can regain access without compromising security.

Option A is incorrect because installing authenticator apps on corporate computers could expose them to additional risks if these computers are compromised.

Option C is incorrect because synchronizing the app across multiple devices could increase the risk of unauthorized access if one of the devices is compromised.

Option D is incorrect because TOTPs naturally expire quickly (usually every 30 to 60 seconds) and do not need to be manually set to expire after each session, which could unnecessarily complicate the login process.