Turning off MFA for SDG&E

What is multifactor authentication (MFA)?

Multifactor authentication is a form of enhanced security that requires you to prove your identity in more than one way when logging into a website. Your user name and password provide the first proof of your identity (or factor). The second factor can take many forms, such as a security question, PIN code, etc.

MFA is also sometimes referred to as two-factor authentication or 2-step verification.

What is changing at SDG&E?

SDG&E is adding multifactor authentication to its website and mobile app. Starting in February 2022, eligible customers will be enrolled automatically.

SDG&E’s MFA requires customers to have a mobile number on record. After entering a user name and password, customers will receive a login code via text message.

Isn’t MFA a good thing?

It can be. MFA is strongly recommended for sensitive accounts such as email or financial services. However, SDG&E’s implementation of MFA suffers from several flaws that are likely to cause headaches for commercial customers.

SDG&E’s website only allows a single email address to be associated with an account. This limitation has several downstream consequences:

  • Corporate customers often share an SDG&E login between multiple employees. For example, your accounting department and property managers might both need access to the website. Turning on MFA means that only one person will be able to log into the website.
  • MFA ties website access to the mobile phone of an employee who may eventually leave the company. Commercial customers usually control employee email accounts, but they don’t always control employee mobile phone numbers.
  • MFA will cut off data access for Gridium and any other third parties who rely on the SDG&E website for timely energy data.

Unfortunately, there is no good technical workaround for these issues. Until SDG&E improves its MFA implementation, the costs outweigh the benefits for commercial customers.

How can SDG&E MFA be turned off?

Turning off MFA is easy:

1. Log into the SDG&E website.

2. Click on your account name in the upper right corner and then click “My Profile.”

3. Make sure that the toggle under “Enable 2-Step Verification” is off (switched to the left).

4. Optionally, edit your phone numbers to remove any entry in the Mobile Phone field. If you want SDG&E to have a contact number, enter it in the Work Phone field instead.

0 replies on “Turning off MFA for SDG&E”

You may also be interested in...

Adding people to your PG&E account
Adding people to your PG&E account

PG&E offers new access management features that allow you to securely add Gridium to your account. Follow these steps to ensure uninterrupted access to your energy use and cost data. Note: the new access management features are not the same…

Adding people to your PG&E account
Adding people to your PG&E account

PG&E offers new access management features that allow you to securely add Gridium to your account. Follow these steps to ensure uninterrupted access to your energy use and cost data. Note: the new access management features are not the same…

Understanding your building email report
Understanding your building email report

Snapmeter delivers powerful energy analytics right to your building operations team online, on mobile, and with custom reporting.