Multi-factor Authentication
Multi-factor Authentication (MFA) is the use of more than one factor to prove the identity of a user.
Factors
One factor is typically a username or email and password combination. This is the basic log-in functionality that most websites require users to create when initially signing up for an account.
Other factors, depending on the verification system, include the following:
- A physical item belonging to the user (e.g., a mobile phone).
- A personal identification number (PIN), key, or token that only the user should know in advance, or an authentication code that is e-mailed, texted, or phoned in to the user in real time.
- Some biometric marker for the user (fingerprints, voice recognition, keystroke patterns, etc.).
- Information about the user’s geolocation.
Examples
ATMs often require a physical card and a memorized PIN to successfully withdraw cash.
Secure sites, like GitHub, allow users to enable MFA through a PIN that’s sent to the user’s physical device, such as a mobile phone or tablet. This is very secure because, to be verified, a person would need the physical device, which is itself probably protected by a PIN and a biometric marker.
More factors in the verification process result in greater security.