Add an optional, extra layer of security to your Spark account.
For New York: Please see here for the New York State Department of Financial Services Cybersecurity Requirements for Financial Services Companies.
How it works
Two-factor authentication (2FA) adds an extra layer of security to your Spark account. When enabled, agents will sign into their account with their username and password, and then provide an additional verification code sent to their email, phone, or authenticator app.
Regulatory Considerations
Recent updates to the New York State Department of Financial Services (NYDFS) cybersecurity regulations require covered entities—such as agencies and agents—to implement multi-factor authentication (MFA) for access to Nonpublic Information and Information Systems.
Please click here for the New York State Department of Financial Services Cybersecurity Requirements for Financial Services Companies.
In addition, 28 states (AL, AK, CT, DE, HI, IL, IN, IA, KY, LA, ME, MD, MI, MN, MS, MO, NH, ND, OH, OK, PA, PR, RI, SC, TN, VT, VA, and WI) have adopted the NAIC Insurance Data Security Model Law, which includes requirements similar to those for MFA, breach notification, and third-party vendor oversight.
Many states require two-factor authentication, and enabling it is widely recognized as a security best practice.
Getting Started
New users will be prompted to set up two-factor authentication (2FA) during onboarding after entering their email address and creating a password. Existing users who do not have 2FA enabled will be prompted to enable it approximately every 6 months on their next login.
Please note that many states have security requirements mandating 2FA, and enabling it is considered a security best practice.
Authenticator App
Authenticator App
You may already have an authenticator app on your phone, such as Duo Mobile, Google Authenticator, or Microsoft Authenticator. Password managers like 1Password, Keeper, and NordPass also include authenticators. Visit the Apple App Store or Google Play and search for “2FA authenticator” for more options.
SMS / Text Message
SMS / Text Message
By entering your mobile phone number, you agree to receive automated security code text messages from Spark. Message and data rates may apply, and message frequency varies. To remove this feature, go to Two-factor authentication and select a different method. For more information, reply with HELP in the text message.
Email
Agents can use an email address to set up 2FA as well. The email address used to start 2FA does not have to match the one used to access the platform.
Disabling 2FA
Disabling 2FA
Agents can choose to remove 2FA from Spark at any moment with just a few clicks:
Check out the 2FA feature in the Spark platform here. Having trouble getting access to your platform? Reach out to the platform team at [email protected].
💡 Please Note: Using the 2FA feature is optional and will always be disabled. If agents are interested in using the feature, they must first activate it in their profile.