As recently shared with members in eMemo #4242, and as part of its ongoing commitment to enhancing cybersecurity, the Board is implementing new password requirements and multi-factor authentication (MFA) to our secure login screen in July.
New Password Requirements Starting July 11
We’re updating our password requirements to align with modern cybersecurity best practices starting July 11. When you log in that day, you’ll be prompted to create a new password, even if your existing password meets the new requirements.
Your new password must:
- be 12-20 characters in length;
- contain at least one number, one special character and six letters;
- not include four characters, in the same order, as in previous passwords.
There’s no need to change your password before July 11, and if you do, you’ll need to change it again when you log in that day.
Multi-factor Authentication Starting July 18
The new MFA system to the login screen will take effect on July 18.
MFA is a verification step after you enter your password which will require you to enter a system-generated code sent to you either by text message or email.
MFA won’t trigger every time you log in, only when you:
- first log in as a new FVREB member;
- forget your password and are locked out;
- change your email or password.
When it’s triggered, you will be prompted with the option to receive the code by text or by email.
These contact methods are based on your primary contact phone number and email address on file. If your primary contact number is a landline, you’ll only be able to use email for verification.
Before we activate this system on July 18, we encourage you to confirm that we have your correct email address and phone number on file to ensure you don’t get locked out of your account.
Why are we implementing these changes?
Your login credentials are the first line of defense against cybercriminals.
Robust password requirements make it more difficult for attackers to hack into the system by using password generators, and MFA guards against the use of social engineering techniques to guess and use your password.
Using these techniques, criminals gained access to lockboxes in the Lower Mainland earlier this year. This resulted in two burglaries and one REALTOR® having to pay thousands of dollars out-of-pocket to rekey an entire apartment building.
Potential breaches can also affect the integrity and security of the MLS®, our most important asset.
These new requirements will help modernize our security infrastructure and will help keep you, your clients, and our MLS® more secure.
Thank you for your attention to these matters, which will help to protect against cyberthreats and serve the collective interests of all members.