MFA
Data Protection
Definition
Multi-factor authentication using ≥2 verification methods.
Technical Details
Multi-factor authentication (MFA) is a security mechanism that requires users to provide two or more verification factors to gain access to a resource, such as an application, online account, or VPN. These factors typically fall into three categories: something you know (e.g., password, PIN), something you have (e.g., smartphone, hardware token), and something you are (e.g., biometric data like fingerprints or facial recognition). MFA enhances security by adding layers of protection, making it significantly harder for unauthorized individuals to access sensitive information even if they have obtained one factor, such as a password.
Practical Usage
MFA is widely used across sectors to protect sensitive data and accounts. For instance, online banking platforms often require users to enter a password and then a verification code sent to their registered mobile device. Similarly, corporate environments may implement MFA for access to internal applications, requiring employees to authenticate with both a password and a one-time code generated by an authenticator app or delivered by SMS. MFA is also commonly used in cloud services, where users must authenticate with their credentials and a secondary verification step to prevent unauthorized access.
Examples
- Google Account: Users must enter their password and then verify their identity using a code sent to their mobile device or generated by an authenticator app.
- Online Banking: Banks ask customers to log in with their username and password, followed by a code sent via SMS or email to confirm their identity.
- Corporate VPN Access: Employees must sign in with their organizational credentials and then authenticate using a hardware token or biometric scan.