I know, it is not the most interesting subject to blog about.
VMware gives you the opportunity for your My VMware account to use MFA.
And I would advise to use MFA.
Well, depending on the situation, your my vmworld account can have access to different company accounts. Giving you, depending on roles and permissions, the ability to create support requests, download software, access licenses etc…
And that is great.
But it is a risk when your account gets hacked.
That is where MFA can help. It is an extra line of defense.
MFA stands for, multi factor authentication. And when MFA is enabled,a person needs to present multiple pieces of evidence to authenticate (see https://en.wikipedia.org/wiki/Multi-factor_authentication )
Most of the times these pieces are a password and a token, generated by a authentication app or device.
So, when you would know my password, you still can’t use my ‘my vmware’ account because I’ve enabled MFA. And the token is generated on my phone, which I have with me, and is locked.
- Use a strong password. Strong doesn’t mean a lot off difficult characters, although there are some rules you have to follow. Study has shown that also the length of your password is a big key in having a strong password.
- Enable MFA.
Check this VMware KB on how to enable MFA for your My VMware account.