Multi-factor authentication (MFA)

is a security method that requires users to provide more than one piece of evidence to verify their identity.

• it uses a combination of:
• something you know: password, pin, security question
• something you have; a physical device such as a smartphone, token, or smart card
• something you are; fingerprint, face recognition, voice, retina, a unique biometric feature
• the login will be with something you know and one of the other two.
• As a second factor, it is common to use:
• SMS, Email, authenticator apps, push notifications, device tokens, smart cards, and biometrics
• pros: improves security, avoids fraud, and increases the trust of users
• cons: technical challenge, user inconvenience, risk of losing the second factor (hardware device)
• MFA is advised for sensible accesses such as cloud admin accounts, sensitive information, etc.