Multi-Factor Authentication – What Is It?
Security breaches are unfortunately becoming everyday occurrences, and companies must be vigilant about protecting their online data. One widely used security measure is Multi-Factor Authentication (MFA).
Multi-Factor Authentication requires a user to present two or more independent credentials in order to gain access to a system. These credentials include something the user knows (e.g., a password), something the user has (e.g., a token device, smart card or smartphone) or something the user is (e.g., biometric verification).
Why Implement Multi-Factor Authentication?
The goal of MFA is to create a multilayered approach, thereby making it difficult for any unauthorized person to gain access to a system, physical location, computing device, network or database. If one factor, such as a password, is defeated, the attacker will still need the other factor (a token device or biometric verification, for example) in order to gain access to the system.
Typical Multi-Factor Authentication combinations include:
- password + security token (something you know + something you have)
- PIN + thumbprint scan (something you know + something you are)
- retina scan + smart card (something you are + something you have)
Having a password and a PIN does not count as multi-factor authentication because both belong to the same factor (something you know). To be considered MFA, the factors have to come from different categories.
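The rule above expressed as a login-policy check, as an added example that is not part of the original article: only credentials that were actually verified count, and what is counted is distinct factor categories rather than the number of credentials. The names `Credential`, `satisfied_factors` and `is_multi_factor` are assumptions made for illustration, and rejecting unknown credential types is a design choice of this example.

```python
from dataclasses import dataclass
from enum import Enum


class Factor(Enum):
    KNOWLEDGE = "something you know"
    POSSESSION = "something you have"
    INHERENCE = "something you are"


# Credential types named in the article, mapped to their factor category.
# The string keys are hypothetical identifiers chosen for this example.
CREDENTIAL_FACTOR = {
    "password": Factor.KNOWLEDGE,
    "pin": Factor.KNOWLEDGE,
    "security_token": Factor.POSSESSION,
    "smart_card": Factor.POSSESSION,
    "smartphone": Factor.POSSESSION,
    "thumbprint_scan": Factor.INHERENCE,
    "retina_scan": Factor.INHERENCE,
}


@dataclass(frozen=True)
class Credential:
    kind: str       # one of the keys in CREDENTIAL_FACTOR
    verified: bool  # True only if the check for this credential succeeded


def satisfied_factors(credentials):
    """Return the set of distinct factor categories proven in this login."""
    factors = set()
    for cred in credentials:
        factor = CREDENTIAL_FACTOR.get(cred.kind)
        if factor is None:
            # Fail closed: an unclassified credential must not count as a factor.
            raise ValueError(f"unknown credential type: {cred.kind!r}")
        if cred.verified:
            factors.add(factor)
    return factors


def is_multi_factor(credentials, required=2):
    """True when verified credentials span at least `required` categories."""
    return len(satisfied_factors(credentials)) >= required
```

Because the result is a set of categories, a verified password plus a verified PIN yields a single category and is rejected, while a failed second factor leaves the login at one category.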