By IT Brew Staff
Definition:
Multi-factor authentication (MFA) is a security method that requires a user to utilize two or more independent verification methods (such as a passcode delivered to a phone plus a password inputted into a website) to access an account or system. This layered approach is critical because even if an attacker compromises one verification method (such as a user’s password), they will still lack the other necessary verification method(s).
For IT professionals, particularly those involved in cybersecurity, MFA is a critical element in identity and access management (IAM). Viable verification methods include:
- Something the user knows. This can include a PIN, password, an answer to a security question, or something similar.
- Something the user has. This could be a smartphone with an authenticator app, a physical smart card, or a hardware key or token (such as a Bluetooth fob).
- Biometrics. A fingerprint, voice sample, or retina or face scan could act as a second verification factor to unlock a device or system.
For IT pros and cybersecurity experts, there are advantages to setting up a rigorous multi-factor authentication protocol for system access. In addition to reducing the risk of intrusion, it also gives IT teams more warning of a potential cyberattack, as many multi-factor verification systems can be configured to send alerts (and lock down accounts) after too many unsuccessful attempts to access a system.
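The alert-and-lockout behavior described above, shown as an added example (not from the article or any vendor's product): a sliding-window counter over constructed MFA log lines. The thresholds, window length, log format and function name are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values (not from the article): alert at 3 failures,
# lock at 5, counted inside a 10-minute sliding window.
WINDOW = timedelta(minutes=10)
ALERT_AT, LOCK_AT = 3, 5

# Constructed sample events: "timestamp user factor result".
SAMPLE_LOG = """\
2024-05-01T09:00:00 alice totp fail
2024-05-01T09:00:20 alice totp ok
2024-05-01T09:01:00 bob push fail
2024-05-01T09:01:30 bob push fail
2024-05-01T09:02:00 bob push fail
2024-05-01T09:02:30 bob push fail
2024-05-01T09:03:00 bob push fail
2024-05-01T09:03:30 bob push ok
2024-05-01T09:05:00 carol totp fail
2024-05-01T09:20:00 carol totp fail
2024-05-01T09:40:00 carol totp fail
"""

def evaluate(log_text):
    """Return (alerts, locked): users who crossed each threshold."""
    failures = defaultdict(deque)   # user -> timestamps of recent failures
    alerts, locked = [], set()
    for line in log_text.splitlines():
        ts_raw, user, _factor, result = line.split()
        ts = datetime.fromisoformat(ts_raw)
        if user in locked:
            continue                # a locked account stays locked, even on "ok"
        recent = failures[user]
        if result == "ok":
            recent.clear()          # a successful verification resets the counter
            continue
        recent.append(ts)
        while recent and ts - recent[0] > WINDOW:
            recent.popleft()        # drop failures older than the window
        if len(recent) == ALERT_AT and user not in alerts:
            alerts.append(user)     # early warning before the lock threshold
        if len(recent) >= LOCK_AT:
            locked.add(user)
    return alerts, locked

if __name__ == "__main__":
    print(evaluate(SAMPLE_LOG))
```

In the sample, one mistyped code (alice) and failures spread over 35 minutes (carol) raise nothing, while five rapid failures (bob) trigger an alert at the third attempt and a lock at the fifth.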
AI can also help cybersecurity teams dynamically adjust their multi-factor verification systems in response to user behavior or organizational needs. For example, lower-risk users may be asked for less stringent verification methods, whereas ones with higher risk scores (such as contractors or guests) might have to jump through more hoops.