What is Multi-factor Authentication [MFA]?

Sun 1 Mar 2020
Home 9 Identity & Authentication 9 What is Multi-factor Authentication [MFA]?

Multi-factor authentication is an electronic authentication method in which a computer user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something only the user knows), possession (something only the user has), and inherence (something only the user is). It protects the user from an unknown person trying to access their data such as personal ID details or financial assets.

What is Two-factor authentication [2FA]?

Two-factor authentication (also known as 2FA) is a type, or subset, of multi-factor authentication. It is a method of confirming users’ claimed identities by using a combination of two different factors: 1) something they know, 2) something they have, or 3) something they are. A third-party authenticator (TPA) app enables two-factor authentication, usually by showing a randomly-generated and constantly refreshing code which the user can use.

What is Two-step verification?

Two-step verification or two-step authentication is a method of confirming a user’s claimed identity by using something they know (password) and a second factor other than something they have or something they are.

Authentication factors

Authentication takes place when someone tries to log into a computer resource (such as a network, device, or application). The resource requires the user to supply the identity by which the user is known to the resource, along with evidence of the authenticity of the user’s claim to that identity. Simple authentication requires only one such piece of evidence (factor), typically a password. For additional security, the resource may require more than one factor—multi-factor authentication, or two-factor authentication in cases where exactly two pieces of evidence are to be supplied.

The use of multiple authentication factors to prove one’s identity is based on the premise that an unauthorized actor is unlikely to be able to supply the factors required for access. If, in an authentication attempt, at least one of the factors are missing or supplied incorrectly, the user’s identity is not established with sufficient certainty and access to the asset (e.g., unlock a door, or access data) being protected by multi-factor authentication then remains blocked.

The authentication factors of a multi-factor authentication scheme may include:
  • Something you have: Some physical object in the possession of the user, such as a security token (USB stick), a bank card, a key, etc.
  • Something you know: Certain knowledge only known to the user, such as a password, PIN, etc.
  • Something you are: Some physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, pattern in key press intervals, etc.
  • Somewhere you are: Some connection to a specific computing network or using a GPS signal to identify the location.

Related Posts

Enterprise Security

Stay in the know

Join our community of security-conscious individuals and organizations who prioritize safeguarding their sensitive data. Stay informed about the latest advancements in cyber-physical technology and discover how FEITIAN can empower you to take control of your digital security.

"*" indicates required fields

Full Name*
Share This
0
    0
    Your Cart
    Your cart is empty