what is multifactor authentication


Multi-factor authentication (MFA) is an electronic authentication method that requires a user to present two or more pieces of evidence to an authentication mechanism to gain access to a website or application. The use of multiple authentication factors is based on the premise that an unauthorized actor is unlikely to be able to supply the factors required for access. The authentication factors of a multi-factor authentication scheme may include:

  • Something the user has: Any physical object in the possession of the user, such as a security token (USB stick), a bank card, a key, etc.
  • Something the user knows: Certain knowledge only known to the user, such as a password, PIN, PUK, etc.
  • Something the user is: Some physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, pattern in key press intervals, etc.

MFA works by requiring additional verification information (factors). One of the most common MFA factors that users encounter is the one-time password (OTP). OTPs are those 4-8 digit codes that you often receive via email, SMS, or some sort of mobile app. With OTPs, a new code is generated periodically or each time an authentication request is submitted.

The extra security comes from the fact that somebody trying to break into your account is probably not using your device, so they'll need to have that second factor to get in. MFA is often used interchangeably with two-factor authentication (2FA). 2FA is basically a subset of MFA since 2FA restricts the number of factors that are required to only two factors, while MFA can be two or more.

MFA is a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user’s identity for login. MFA increases security because even if one credential becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will not be able to access the targeted physical space, computing device, network, or database.
