Authentication · High

Multi-Factor Authentication (MFA)

A security mechanism that requires two or more methods of verification before granting access

Skill Paths: Identity and Access Management, Authentication Systems, Security Fundamentals
Job Paths: Identity and Access Management Specialist, Security Analyst, Security Engineer, IT Administrator
Relevant Certifications: CISSP, CompTIA Security+, SANS GSEC, Microsoft Security Certifications
Content

What is MFA?

Multi-Factor Authentication strengthens account security by requiring users to present two or more verification factors. Even if one factor (like a password) is compromised, an attacker still can't access the system without the others.

MFA Factors

  1. Something you know – Password, PIN
  2. Something you have – Phone, token
  3. Something you are – Biometric traits

Best Practices

  • Combine different types of factors
  • Use app-based authenticators over SMS when possible
  • Enforce MFA for all admin and sensitive access
  • Monitor for MFA fatigue attacks

Quick Facts

Severity Level

9/10
Types of Factors

Knowledge, Possession, Inherence

Goal

Reduce identity-based attacks

User Impact

Slightly more friction for much more security

Example

Login requires password + fingerprint scan