Multi Factor Authentication

There are three categories of factors used for User Authentication.

  • Knowledge: something only the user knows
  • Ownership: something only the user has
  • Inherence: something only the user is

Multi-Factor Authentication (MFA) uses factors from more than one category for authentication. It does not mean using multiple factors from the same category—the categories must be different. It is also often referred to as Two-Factor Authentication (2FA) since typically only two out of the three categories are used.

A bank ATM is a classic example of MFA.

  • Something only the user has = ATM card
  • Something only the user knows = PIN number

Online Multi-Factor Authentication

Online MFA most often uses:

  • Something only the user knows = password
  • Something only the user has = cell phone, email account

Multi-Factor Authentication is more secure than traditional password authentication. An attacker must have more than a stolen or cracked password to gain access or make important changes.

Because it increases security, Multi-Factor Authentication is becoming very common. Major websites like Facebook, Twitter, Google, LinkedIn, Amazon, eBay, Github, and Dropbox all either offer MFA as a user option or require its use. A list of the many companies which offer MFA is available at twofactorauth.org.

Fork me on GitHub