A-Z Glossary of Information Security and Social Engineering Terms

Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA)

Passwords have an inherent weakness as they can be stolen, guessed or brute-forced. As a result, hardware manufacturers and software providers decided this more secure authentication solution was needed. With multi-factor authentication, the user must authenticate by using two or more separate forms of identification. The classic example of multi-factor authentication in action is a bank customer having to use a card and a PIN to withdraw money from an ATM. Having just one “factor” will result in the authentication process failing and the customer being unable to withdraw cash. Multi-factor authentication can also be applied to email services, such as Gmail, and cloud storage providers, such as Dropbox. Once enabled, the user needs a secondary code (typically sent to a smartphone) or a hardware token to login. This helps to thwart attackers with stolen passwords from logging into a multi-factor secured account. Multi-factor authentication is also commonly referred to as two-factor (2FA) authentication.

Got a question?

If you would like to make an enquiry about any of our services click the "Contact Us Now" button and fill in your details.