Multi-Factor Authentication

The process of identifying an individual, usually based on user name and password

Authentication is distinct from authorization , which is the process of giving individuals access to system objects (programs, data etc) based on their identity

Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual

What’s a Factor?

An authentication factor is an independent category of credential used for identity verification.

Three most common categories are described as –

  • something you know (password)
  • something you have (token)
  • something you are (bio-metric)

Multi-Factor Authentication

Multi-factor authentication (MFA) involves two or more independent credentials for more secure transactions; systems with more demanding requirements for security, location and time are sometimes added as fourth and fifth factors.

 

Why Use It?

Passwords on their own are no longer secure; most can be broken by “brute force” or “dictionary” attacks in less than a minute

Using Multi-factor to authenticate users adds an additional layer of security

More factors added – the more secure the process becomes

Single-Factor Authentication

Single-factor authentication  is based on only one category of identifying credential

The most common SFA method is the familiar user name and password combination

 

Two-Factor Authentication

Two-factor authentication  is based on a combination of two categories of identifying credential – the most common SFA method is the familiar bank ATM card – PIN number (something you know) and the Bank Card (something you have)

For any system or network that contains sensitive data, it’s advisable to add additional authentication factors.

 

Who Uses It?

Twitter’s got it.

Apple’s got it, too.

Google, Microsoft, PayPal, Facebook, eBay and Amazon have had it for a while