MFA.

Multi-factor Authentication

Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is).

Two-factor authentication (also known as 2FA) is a type, or subset, of multi-factor authentication. It is a method of confirming users’ claimed identities by using a combination of two different factors: 1) something they know, 2) something they have, or 3) something they are.

A good example of two-factor authentication is the withdrawing of money from an ATM; only the correct combination of a bank card (something the user possesses) and a PIN (something the user knows) allows the transaction to be carried out.

Two other examples are to supplement a user-controlled password with a one-time password (OTP) or code generated or received by an authenticator (e.g. a security token or smartphone) that only the user possesses.

Conceptual authentication methods image

Readings/Reference Materials:

https://searchsecurity.techtarget.com/definition/multifactor-authentication-MFA

https://www.cnet.com/news/two-factor-authentication-what-you-need-to-know-faq/

https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks

https://www.nist.gov/itl/applied-cybersecurity/tig/back-basics-multi-factor-authentication

Multi-Factor Authentication (MFA) helps safeguard access to data and applications while maintaining simplicity for users. It provides additional security by requiring a second form of authentication and delivers strong authentication via a range of easy to use authentication methods. Users may or may not be challenged for MFA based on configuration decisions that an administrator makes.

Videos:

https://youtu.be/JMmskcQlPPk

https://www.youtube.com/watch?v=07mRDyydCNY

https://www.youtube.com/watch?v=7GPNWhO6XiA

Assignment Questions:

1)      What is multifactor authentication and what are some examples?

2)      Ending all online crime is not a realistic goal, but simple steps can massively reduce the likelihood you’ll be the next victim.  Explain how multifactor authentication works.

3)      List 5 reasons to turn on multifactor authentication?

Provide at least two additional links to articles related to multifactor authentication.

MFA