What Is Multi-Factor Authentication (MFA)?
Multi-factor Authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
An MFA system is considered more secure than any single-factor authentication method because it makes it more difficult for an attacker to gain access. Even if an attacker successfully breaches one layer of the authentication process, they still have at least one more barrier to bypass before accessing the target account, data, or system.
For example, a commonly used MFA method is two-factor authentication (2FA), where the user provides a password (something the user knows) and then enters a code that was sent to their mobile device (something the user has).
Another example might involve a bank card transaction (something the user has), where the user must also enter a PIN (something the user knows). If biometrics were added to this scenario, such as fingerprint recognition (something the user is), it would become an example of three-factor authentication (3FA).
MFA is typically employed in environments that require higher security levels, such as online banking, corporate networks, or when accessing confidential data.
The design of an MFA system requires a balance between enhanced security and user convenience. To achieve this balance, MFA systems often consider context and adaptiveness in their authentication process, such as the user's location, the device being used, and the sensitivity of the data or system accessed.