Multifactor Authentication (MFA)
Multifactor Authentication (MFA) enhances security by requiring users to verify their identity using multiple methods before gaining access to an account, application, or system. Unlike single-factor authentication (usually just a password), MFA combines two or more independent factors from different categories:
________________________________________
- 1. Something you know: A password, PIN, or answer to a security question.
- 2. Something you have: A physical device like a smartphone, hardware token, or smart card.
- 3. Something you are: Biometric data such as fingerprints, facial recognition, or iris scans.
By requiring multiple factors, MFA significantly reduces the risk of unauthorized access. Even if an attacker steals a password, they still need the second (or third) factor, which is much harder to obtain.
Common examples of MFA include:
- Receiving a one-time code via SMS or email.
- Using an authenticator app (like Google Authenticator) to generate time-based codes.
- Biometric login methods like fingerprint or face recognition on smartphones.
- Physical security keys (e.g., YubiKey).
MFA is widely used for securing online banking, email accounts, corporate networks, and more, making it a critical tool in modern cybersecurity.