Multi-Factor Authentication (MFA) is a security system that verifies a user’s identity by requiring multiple credentials. It is a critical component of identity and access management (IAM). Rather than just asking for a username and password, MFA requires other—additional—credentials, such as a code from the user’s smartphone, the answer to a security question, a fingerprint, or facial recognition.
MFA is an effective way to provide enhanced security. Traditional usernames and passwords can be stolen, and they’ve become increasingly more vulnerable to brute force attacks. MFA creates multiple layers of security to help increase the confidence that the user requesting access is actually who they claim to be. With MFA, a cybercriminal may steal one credential but will be thwarted by having to verify identity in a different manner.
Examples of Multi-Factor Authentication include using a combination of these elements to authenticate:
When it comes to MFA, we typically refer to three types of authentication factors:
The latest MFA solutions incorporate additional factors by considering context and behavior when authenticating. For example:
Often called Adaptive Authentication, this type of MFA takes context into account to flag logins that are out of the ordinary. When a person tries to authenticate in an unusual context, Adaptive MFA may tighten security by requesting additional credentials. For example, if a user is logging in from a cafe late at night—and this is not typical for that user—the MFA tool may require the user to enter a code texted to the user’s phone.
See how MFA can protect against many different, common types of cyberattacks.Read More
Find out what to look for in a Multi-Factor Authentication solution.View Checklist
Learn how authentication evolved from simple usernames and passwords to adaptive MFA in this fun infographic.See Infographic