Multi-factor authentication (MFA)
is a security method that requires users to provide more than one piece of evidence to verify their identity.
- it uses a combination of:
- something you know: password, pin, security question
- something you have; a physical device such as a smartphone, token, or smart card
- something you are; fingerprint, face recognition, voice, retina, a unique biometric feature
- the login will be with something you know and one of the other two.
- As a second factor, it is common to use:
- SMS, Email, authenticator apps, push notifications, device tokens, smart cards, and biometrics
- pros: improves security, avoids fraud, and increases the trust of users
- cons: technical challenge, user inconvenience, risk of losing the second factor (hardware device)
- MFA is advised for sensible accesses such as cloud admin accounts, sensitive information, etc.