Multi-Factor Authentication, or MFA, is a form of authenticating users that utilizes more than one method of identification when connecting to a secure site or service. This provides an additional layer of security over traditional forms of single sign-on authentication, which require only one type of identification such as a password.
Also known as two-factor authentication, or 2FA, multi-factor authentication can take several forms, but most typically utilizes either a smartphone or a smart card in conjunction with a password or PIN. More advanced forms of MFA will sometimes rely on biometrics such as fingerprint recognition or retina scanning for the second form of authentication.
How Multi-Factor Authentication Normally Works
A user logging into a site secured with MFA will typically enter a password and then will have a code sent to the smartphone number (or email address) associated with the account. Only after the correct password and the authentication code have been successfully entered will the user be able to access the site or service.
While not completely foolproof, MFA does make it harder for hackers to log in to a user s account, as they would need to have both the user s password and access to their smartphone or similar device in order to correctly provide both forms of authentication.
As a result, MFA is typically deployed for protecting access to more sensitive or mission-critical information within an enterprise. MFA is also increasingly becoming a requirement in government mandates for regulation and compliance.