Relying on passwords alone leaves companies vulnerable to cyberattacks. Multi-factor authentication (MFA) provides an added layer of security by requesting multiple verification factors to authenticate a digital user’s identity before granting access to applications, accounts, etc.
MFA verification factors come from one of four categories:
If a user fails to authenticate using one of these factors, or if one factor has been compromised, the MFA system can request additional information to verify a user’s identity
The clearest benefit of MFA is the added security it offers both customers and companies by eliminating dependence on the password, a weak link in the security chain. However, there are even more advantages:
MFA enhances the overall UX by providing a user-friendly approach to security that still offers incredibly strong protections. This helps ensure that users and customers remain loyal to products, services, and companies.
For more information on digital customers' most popular login methods, see our blog.
As mentioned, MFA is a security method that requires users to provide two or more authentication factors to verify their identity before gaining access to data, services, and applications. One of the most common and familiar forms of MFA is two-factor authentication (2FA), which has been around for decades. However, both 2FA and MFA have gained greater traction with the advent of new technologies, like biometric authentication and hardware tokens, which have proven to be reliable and secure factors.
For 2FA and MFA to provide strong protection, at least two distinct factors from the aforementioned categories must be provided for verification and authentication. For example, a password and a fingerprint or a facial scan and a hardware token. Requesting two factors from the same category — for example, a password and a security question — is not considered MFA.
One of the most widely used factors is the one-time password (OTP). This refers to the 4-8 digit code that companies provide via email, SMS, or push notification. They are only generated upon request and on the basis of a user seed value, which is already determined during the initial registration process, and a counter, to avoid duplicate codes.
Why Is Multi-Factor Authentication Important?
Multi-factor authentication is important because it provides an extra layer of security beyond a password. Passwords can be easily guessed, stolen or hacked, but MFA requires an additional factor that is much harder to obtain. This makes it much harder for attackers to gain unauthorised access to sensitive information and systems.
How Does MFA Reduce Account Theft?
Because MFA does not rely solely on passwords, it can help limit the damage if a password is stolen or compromised.
More detailed information in our multi-factor authentication glossary.
Which Companies Should Use MFA?
Every company that uses user logins should use MFA. It is especially important for sensitive data, such as bank accounts, email accounts or cloud storage.
What Factors Can Be Used for MFA?
There are three types of factors that can be used for MFA: