multifactor authentication (MFA)

Multifactor authentication (MFA) is a security system that requires more than one form of authentication to verify the legitimacy of a transaction. MFA combines two or more independent credentials: what the user knows (password), what the user has (security token) and what the user is (biometric verification).

The goal of MFA is to create a layered defense and make it more difficult for an unauthorized person to access a target such as a physical location, computing device, network or database. If one factor is compromised or broken, the attacker still has at least one more barrier to breach before successfully breaking into the target.

In the past, MFA systems typically relied upon two-factor authentication. Because consumers are increasingly using mobile devices for banking and shopping, however, physical and logical security concerns have converged. This, in turn, has created more interest in three-factor authentication.

 

Typical MFA scenarios include:

  • Swiping a card and entering a PIN.
  • Downloading a VPN client with a valid digital certificate and logging into the VPN before being granted access to a network.
  • Logging into a website and being requested to enter an additional one-time password (OTP) that the website's authentication server sends to the requester's phone or email address.
  • Swiping a card, scanning a fingerprint and answering a security question.
  • Attaching a USB hardware token to a desktop that generates an OTP and using the one-time password to log into a VPN client.

In the United States, interest in multifactor authentication has been driven by regulations such as the Federal Financial Institutions Examination Council (FFIEC) directive calling for multifactor authentication for Internet banking transactions.

See also: defense in depth, single-factor authentication (SFA)

This was first published in June 2014
