
Multi-factor Authentication (MFA)

Siji Roy
Last Updated September 30, 2022 3:31 am

Multi-factor authentication (MFA) is an electronic authentication process that adds extra layers of security to an application or service to protect it against various cyber attacks. Also referred to as 2-factor authentication (2FA), MFA requires a minimum of two pieces of authentication to log in to an application, provided through a verification code, biometrics, or browser notifications.

Why do businesses use MFA? 

MFA protects businesses of all sizes from the most common types of cyber attacks: phishing, credential stuffing, keyloggers, and more. MFA plays a crucial role in keeping all business data secure from hackers, including sensitive data, login credentials for all applications, files, and the organization’s credit/debit card details.

  • MFA provides multiple layers of security for businesses and their employees and consumers.
  • MFA protects business applications, networks, servers and systems against the most common and more complex cyber attacks.
  • MFA works with existing Single Sign-on solutions to facilitate access to all business applications.
  • MFA eliminates the risk of poor password behavior such as password reuse.

Why do remote workers need MFA? 

MFA also protects the personal devices of those who work remotely from cyber attacks and ensures those devices don’t unknowingly play a role in a security breach. Remote workers are often targets of hackers. When a hacker attempts to access a remote worker’s system, the user gets an MFA notification, which lets them act quickly by informing the company administrator of the hack attempt or by changing the password.

How does MFA work?

When users try to log into their accounts, MFA verifies the user’s identity by using available factors other than the username and password. MFA works using a combination of the following principles:

  • Knowledge: Factor that requires the user to know something no one else would—typically a password or PIN.
  • Possession: Factor that uses something you have in your possession, such as a mobile phone, smart card, key fob, or similar device.
  • Inherence: Factor that’s based on who you are, as verified by biometrics.
  • Location-Based: Factor that identifies specific devices in particular locations.
  • Risk-Based: Risk-based authentication (RBA) applies stringent measures to the authentication process.

Top features to look for in MFA solutions 

Multiple options are available that meet the needs of small and medium businesses, as well as global enterprises. However, reputable options should all include the following core features:

  • Multiple authentication methods: Offering several authentication methods gives users the flexibility to choose the verification method that suits them.
  • Cloud-based MFA: Cloud-based MFA reduces setup costs and saves time.
  • Hard and soft tokens: Gives users the option to select hard tokens, such as smart cards or key fobs, to allow access, or soft tokens (an application) to generate one-time passwords (OTP).
  • Easy integrations: The solution should easily and securely integrate with applications, networks, and accounts.
  • Customization: Policies can be established to allow different types of MFA based on device type, location, access levels, and more.

Compare top MFA solutions; read eSecurity Planet’s Best LastPass Alternatives.