Multi-Factor Authentication

Using multi-factor authentication, a user must successfully provide two or more pieces of evidence to an authentication mechanism to be permitted access to a website or application.

Users must submit more information than just a password during the multi-step account login process known as multi-factor authentication (MFA). Users may be required to provide more information than just the password, such as a code delivered to their email, a secret question to answer, or a fingerprint scan.

In order to access a resource like an application, online account, or VPN, the user must submit two or more verification factors using multi-factor authentication (MFA). A robust identity and access management (IAM) policy is built around MFA.

MFA lowers the probability of a successful cyberattack by requiring one or more extra verification elements in addition to a username and password.

Three most common kinds of factors are:

• Something you know – Like a password, or a memorized PIN
• Something you have – Like a smartphone, or a secure USB key
• Something you are – Like a fingerprint, or facial recognition