Multi Factor Authentication (MFA) is an extra layer of security of your user account. We want to prevent that a hacker can login using your credentials.
The second layer in MFA means a hacker would need to steal your password along with your phone in order to access your account.
We demand MFA if you want to login on a new device. That is how we help you to stay secure. Once a device has been registered a new MFA-request will not pop up again.
Vault Admins can change the security level from the default setting to an advance security level. This means that users are required to authenticate via mobile phone per login.
A study by Microsoft shows that Multi Factor Authentication can block over 99,9% of account compromise attacks. You can read the full article on Microsoft's website here.