Multi-Factor Authentication

Overview

Multi-Factor Authentication (also known as MFA, Dual-Factor, or Two-Factor Authentication) adds an additional level of security to the software or devices you access by requiring you to verify your identity using more than one method. This article explains what MFA is, why it matters for data security, and the ways you may encounter it.

 

Audience

Public

 

Information

"Authenticating" means logging in to access a device or a piece of software. When you authenticate, you provide account credentials, such as a username or ID and a password or PIN. Ideally, this proves to the software or device that you actually are who you claim to be, and are therefore allowed access. However, data breaches, password and identity theft, and phishing to steal account information have become increasingly sophisticated and common over the past few years, and relying on a single means of authentication may no longer be a feasible option for protecting your account, especially if you have access to valuable or confidential data and information. Many companies and organizations, big and small, have begun to require multi-factor authentication for their employees' accounts to protect against the risk of accounts being compromised or data being stolen.

Simply put, having multiple means of verifying your identity protects you and your accounts better.

Some authentication factors of a multi-factor authentication scheme may include:

  • Something the user has: Some physical object in the possession of the user, such as a security token (USB stick), a bank card, a key, an ID card, etc.
  • Something the user knows: Certain knowledge only known to the user, such as a password, PIN, shape/pattern, or an answer to a security question. 
  • Something the user is: Some physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, or facial recognition. 
  • Somewhere the user is: Some connection to a specific computing network, or using a GPS signal to identify a specific location.

A good example of two-factor authentication is withdrawing money from an ATM: only the correct combination of a bank card (something the user has) and a PIN (something the user knows) allows the transaction to be carried out.

Many everyday activities you may participate in already incorporate forms of multi-factor authentication, and may even involve more complex mechanisms. Part of bank fraud detection, for example, uses machine learning to actively assess multiple factors and "flag" fraudulent activity. In the ATM example above, if you typically use a debit card in Jersey City, NJ, but suddenly make several ATM withdrawals in Moscow, USSR, the activity is markedly different from your usual pattern even though you have verified your identity, which raises concerns.
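The location check described above can be sketched as a simple speed rule. This is an added example, not part of the original article and not any bank's actual system, and it uses a fixed threshold in place of machine learning. The accounts, timestamps, coordinates, and the 900 km/h limit are constructed assumptions.

```python
import math
from datetime import datetime

# Constructed sample events (not real data): (account, ISO timestamp, lat, lon)
EVENTS = [
    ("acct-1", "2021-07-26T09:00:00", 40.7178, -74.0431),  # Jersey City
    ("acct-1", "2021-07-26T12:30:00", 40.7282, -74.0776),  # Jersey City, later
    ("acct-1", "2021-07-26T14:00:00", 55.7558, 37.6173),   # Moscow, 1.5 h later
    ("acct-2", "2021-07-26T08:00:00", 40.7178, -74.0431),  # Jersey City
    ("acct-2", "2021-07-27T20:00:00", 55.7558, 37.6173),   # Moscow, 36 h later
]

MAX_KMH = 900.0  # assumed ceiling: roughly airliner cruising speed

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in km between two latitude/longitude points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def flag_impossible_travel(events, max_kmh=MAX_KMH):
    """Return (account, timestamp, km, kmh) for events unreachable from the previous one."""
    flagged, last = [], {}
    for account, ts, lat, lon in sorted(events, key=lambda e: (e[0], e[1])):
        when = datetime.fromisoformat(ts)
        if account in last:
            prev_when, prev_lat, prev_lon = last[account]
            km = haversine_km(prev_lat, prev_lon, lat, lon)
            hours = (when - prev_when).total_seconds() / 3600
            # No elapsed time but real distance counts as infinite speed.
            kmh = km / hours if hours > 0 else (math.inf if km > 0 else 0.0)
            if kmh > max_kmh:
                flagged.append((account, ts, km, kmh))
        last[account] = (when, lat, lon)
    return flagged

if __name__ == "__main__":
    for account, ts, km, kmh in flag_impossible_travel(EVENTS):
        print(f"{account} at {ts}: {km:.0f} km from previous event, implied {kmh:.0f} km/h")
```

Only the third acct-1 event is flagged: both factors would have been verified, but the card could not have travelled that far in 90 minutes, while acct-2's 36-hour gap is consistent with an ordinary flight.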

When Multi-Factor Authentication is enabled on an account you have, you are typically given several different choices that you may use as an authentication method. For example, if Multi-Factor Authentication is enabled on your Google Account, you will be asked to set up an additional verification code that will be used along with your password to verify your identity when signing into your Google account. This typically involves:

- Receiving and verifying a notification on your mobile device.

- Entering information about your mobile phone number, or providing an alternate email address.

- Using a generated passcode that can be accessed via your phone or another device you are currently logged into. 

This provides you with multiple ways to access your account, even if one of them is currently unavailable to you. 


The Google Authenticator app: 

https://support.google.com/accounts/answer/1066447?hl=en&ref_topic=2954345 

Conclusion: 

 

 

 

Details

Article ID: 136136
Created: Mon 7/26/21 10:25 AM
Modified: Wed 9/22/21 2:36 PM