What is MFA?
Multi-Factor Authentication (MFA) is a security measure that protects individuals and organizations by requiring users to provide two or more authentication factors to access an application, account, or virtual private network (VPN). This adds extra layers of security to protect against more sophisticated cyberattacks, since usernames and passwords can be stolen, exposed, or sold by third parties.
Just as an organization may use different layers of physical security—such as a fence with a gate, a guard post, an ID reader, and door locks—an organization can also use MFA to provide multiple layers of virtual security. This ensures that anyone accessing the system, whether on-site or remotely, is both authorized and authenticated.
How does Multi-Factor Authentication (MFA) work?
A user is first asked for their username and password, the standard credentials used to log in. But then they must verify their identity through another method. The most common method is entering a code sent by email, SMS, a mobile authentication app, or to a secondary device. Other forms can include hardware that scans biometrics or pre-set security questions.
This second, or even third factor in the authentication process, verifies that the login attempt is genuine and not compromised.
Types of authentication factors include:
- Knowledge factors
- Possession factors
- Inherent factors
- Behavioral factors
Key benefits of Multi-Factor Authentication
MFA provides protection for both organizations and individual users.
For organizations:
- Increased protection: Security breaches cause loss of data, time, and money. MFA helps protect these valuable assets.
- Safe remote work environment: Employees can securely access all systems and data they need, improving productivity. MFA supports flexible and agile remote work.
- Defense in depth: Multiple layers of security ensure that if one layer is compromised, other layers provide backup and protection.
For users:
- Identity protection: Even if some user data is compromised, MFA protects the user’s overall identity from unauthorized access.
- Security in remote work: Easy, secure access boosts productivity and provides a user-friendly experience.
- Data protection: Users accessing an organization’s systems can trust that their personal data is protected from cyber threats.
Technology needed to support MFA
Several technologies must be adopted and implemented to support MFA, such as:
- Biometrics: fingerprint readers, retina scanners, facial recognition software
- Security tokens: USB hardware authenticators, key fob tokens, ID cards
- Software tokens: app-based tokens, push notifications, QR-based tokens
- SMS tokens: temporary codes sent via text message to a mobile device
Non-exhaustive list of software where MFA is strongly recommended
- Google Workspace
- Microsoft 365
- Slack
- Odoo
- GitHub
Source :