Multi-Factor Authentication (MFA) is a security system that verifies a user’s identity by requiring multiple credentials. It is a critical component of identity and access management (IAM). Rather than just asking for a username and password, MFA requires other—additional—credentials, such as a code from the user’s smartphone, the answer to a security question, a fingerprint, or facial recognition.
MFA is an effective way to provide enhanced security. Traditional usernames and passwords can be stolen, and they’ve become increasingly more vulnerable to brute force attacks. MFA creates multiple layers of security to help increase the confidence that the user requesting access is actually who they claim to be. With MFA, a cybercriminal may steal one credential but will be thwarted by having to verify identity in a different manner.
Examples of Multi-Factor Authentication include using a combination of these elements to authenticate:
When it comes to MFA, we typically refer to three types of authentication factors:
The latest MFA solutions incorporate additional factors by considering context and behavior when authenticating. For example:
Often called Adaptive Authentication, this type of MFA leverages artificial intelligence (AI) and machine learning to flag logins that are out of the ordinary and adjust enforcement of MFA based on the level of risk. When a user exhibits atypical behavior such as logging in from a new location or unusual time, adaptive authentication tightens security by requesting additional authentication factors, such as an email verification code or biometric verification.
Conversely, it can also reduce or remove the MFA requirement if the login exhibits typical user behavior. This allows admins to both enable quick access and mitigate additional security risk when employees and executives work remotely.
For example, if a user decides to login from a cafe during their lunch break—and this is not typical for that user—the MFA tool may require the user to enter a code texted to the user’s phone to verify they are who they say they are. If this then becomes a regular occurrence, the risk engine will eventually learn that user’s behavior and stop requiring submission of an additional authentication factor, if enabled by the admin.
In either context, adaptive authentication makes remote work more convenient–by learning that user’s behavior overtime–without compromising on security. All in all, MFA provides that critical layer of security and leveraging AI for risk-based authentication improves security while minimizing disruptions for end users.
Download the ebook to find out how you can use AI-powered multi-factor authentication (MFA) to help protect your company.Learn More
See how MFA can protect against many different, common types of cyberattacks.Read More
Find out what to look for in a Multi-Factor Authentication solution.View Checklist
Learn how authentication evolved from simple usernames and passwords to adaptive MFA in this fun infographic.See Infographic