What is Multi-Factor Authentication and Why is It Necessary?
Many people have heard the basics of account protection: Get a password manager for your online accounts, make your passwords complex and never reuse them.
But what about Multi-Factor Authentication? What is Multi-Factory authentication, what’s so special about it, and why is it needed?
Multi-Factor Authentication (MFA), also sometimes known as Two-Factor Authentication (2FA), adds another layer of security to the sign-in process giving accounts further protection against unauthorized access. MFA requires multiple (two or more elements) to be used in order to grant full authentication.
Multifactor authentication consists of 3 major things:
- Something you know: This can be a password, or the answer to a security question that cannot be easily guessed.
- Something you have: This can include your phone, a mobile authenticator app that receives a notification or a token.
- Something you are: This can be some sort of biometric, such as a fingerprint as seen in Apple’s TouchID or facial scan which is also becoming increasingly popular.
Multifactor Authentication limits the impact of credential exposure, thus increasing the security of your identity. A malicious actor, or would-be attacker, who has obtained a user’s password would need further information, such as possession of the user’s phone or their face/fingerprint, in order to authenticate fully. Just having the password alone would be insufficient and the attacker would be denied full access to the targeted account. Having this extra layer of security obviously has added security benefits and it is highly recommended by security professionals and organizations that users should have multi-factor authentication enabled whenever possible.
More info: Back to basics: Multi-factor authentication (MFA)–[NIST]