Multi-factor authentication (MFA) is an authentication method that requires two or more methods of verification. It creates a layer of security to make it more difficult for an unauthorized entity to gain access. After entering a username and password, MFA requires additional verification factors to secure your account. MFA is an important feature of a strong identity and access management (IAM) system.  

 

Sometimes, passwords alone aren't enough to verify an identity. MFA requires multiple pieces of evidence to verify an identity. Even if the hackers successfully crack the user's password and pass the first layer of security, they won't be able to penetrate through the other security layers.

 

MFA involves a combination of these factors for authentication: 

 

1. Knowledge factor (something you know)

a) Passwords

b) Answers to personal questions

 

2. Possession factor (something you have)

a) OTP generated by a mobile application or sent via text or email

b) Tokens and certificates

c) Hardware security keys such as YubiKey and Titan Security Key

 

3. Inherent factor (something you are)

a) Fingerprints

b) Face and retinal scanning

c) Voice recognition