Multi-factor Authentication, or MFA, is a form of authentication requiring that a user prove their identity using two or more identity factors at once.
Security professionals generally recognize three basic identity categories that can be used to prove identity—things that a only the intended user knows (like a password or code), things that only the intended user has (like a mobile phone or token fob), or things that only the intended user embodies (like a fingerprint or facial structure).
True multi-factor authentication, generally regarded as more secure than authentication requiring only one factor, requires that the two or more identity factors used for authentication be different—for example, a password combined with proof of the mobile phone's possession, or a token fob combined with a fingerprint.
Cases in which the user must provide two of the same kind of identity factor to authenticate, such as a password followed by a secret phrase or answer, are not true multi-factor authentication, but are rather more properly referred to as two-step or multi-step authentication.
2FA/MFA Rapid Reference
Authentication at a glance
Download the 2FA/MFA Rapid Reference now:
- 2FA and MFA basics and common solutions
- The benefits and drawbacks of each
- Glossary of authentication terms
MORE DOWNLOADABLE REFERENCES
There are no resources to display.