Multi Factor Authentication (MFA)

This page aims to explain in a simple way what multi factor authentication is(MFA).

What is authentication ?

Authentication is a process which allows someone to prove one's identity to a system in order to access to a private or restricted area such as web applications, social media account, personal computer, and so on.

There a bunch of possibilities to prove one's identity. I can be done using:

something you know: credentials, passphrase.
something you are: fingerprint, facial recongnition.
something you have: SMS, authentication software, yubikey, ....
somewhere you are: geolocalisation, IP address.
: resolve a puzzle, pick some images

Why multi factor authentication (MFA) ?

Very often, a single authentication method can be bypassed.

People use weak credentials and reuse them across multiple platforms, creating a common vulnerability that can be exploited using various techniques.
Fingerprints can be imitated, and geolocation or IP addresses can be spoofed.

This is where multi-factor authentication (MFA) comes in. The idea is to implement multiple authentication techniques to strengthen the security of a system.

The drawback of MFA is that it can be inconvenient, as it makes the authentication process longer. This is why MFA is often used for authentication when accessing a system from a new device.

References

Backgroung image: https://www.uscybersecurity.net/mfa/

PreviousIAM NextNetwork Security

Last updated 8 months ago