Glossary What is Multi-factor Authentication?
By / 2 Jan 2023 / Topics: Cybersecurity
Multi-factor Authentication (MFA) is a security measure that involves verifying your identity during sign in by using one or two additional authentication factors apart from the usual username-password combination. These authentication factors help the system assess user-specific characteristics to confirm their identity — improving security by adding an extra layer of protection that can be harder to bypass.
Relying exclusively on a username-password combination can cause vulnerabilities due to the human-element involved where passwords can be inappropriately shared or easy to guess. Also, cyber criminals use digital tools that can guess a password by trying various combinations in a timely and effective manner. If a malicious actor guesses the password correctly, then MFA can halt the malicious activity, as it’s harder to get around.
Common examples of authentication factors include:
- A knowledge question that’s based around something the user knows.
- Possession, which requires something a user uniquely owns like their phone to complete sign in.
- Inherent qualities, which could be the user’s fingerprint or face ID.
When two authentication factors are used, it's called two-factor or two-step verification. Additionally, there is another form of MFA called three-factor authentication.
