Multi-Factor Authentication (MFA) also known as two-factor authentication or 2FA, is a security measure that allows users to present two pieces of evidence or credentials when logging into an account. It is a critical component of identity and access management (IAM).
MFA combines two or more credential categories for authentication:
- What the user knows (knowledge) such as a password
- What the user has (possession) such as a security token
- What the user is (inheritance) such as biometrics
- Time factors
MFA credential categories include:
- Answers to personal security questions
- Codes generated by smartphone apps
- Codes sent to an email address
- Soft tokens, certificates
- Badges, USB devices, or other physical devices
- Facial recognition
- Retina or iris scanning
The latest MFA solutions incorporate additional factors such as context and behavior when authenticating. Such as:
- Location of a user, when trying to obtain access
- Time of day when a user is trying to access
- The device a user is using
- Network user is connected to
The primary benefit of multi factor authentication is that it provides additional security by adding layers of protection. The more layers of protection, the lower the risk of an intruder gaining access to systems and data.
In Data Defined, we help make the complex world of data more accessible by explaining some of the most complex aspects of the field.
Click Here for more Data Defined.