Why MFA? With the security concerns rapidly popping up all over the web, a simple password might not be enough to keep you protected while online. Multi Factor Authentication (MFA) is used as another layer of protection to your online accounts. But how does it work?
MFA works by requiring additional verification information. Three main categories for additional verification include knowledge, possession, and inherence. Most systems and services require at least 2 of these categories to properly secure your account. Below is a list of these categories and different methods used for each.
Knowledge (Things you know)
- Answers to personal security questions
- Passwords or PINs
Possession (Things you have)
- OTP Codes generated by smartphone apps (Google Authenticate/ Microsoft Authenticate)
- OTP Codes sent to you via Text or Email
- Access Badges, USB devices, Smart Cards, Security Keys or fobs
- Software tokens and certificates
Inherence (Things you are)
- Fingerprints
- Facial recognition
- Voice recognition
- Retina or Iris scanning
- Other Biometrics or behavior-based methods
Any combination of methods listed above allow users to breathe easy knowing they’re secure even if your password does become compromised. Without having access to your phone, email, physical devices, or any of your biological methods of authentication, a malicious intruder cannot be authenticated and make their way into your account.