How MFA enhances security by requiring multiple verification factors.
Multi-Factor Authentication (MFA) is a security enhancement that requires a user to provide two or more pieces of evidence (or 'factors') to an authentication mechanism to prove their identity. It adds a critical second layer of security, making it much harder for an unauthorized person to access an account. Even if an attacker steals a user's password, they would still need the additional factor(s) to log in.

MFA relies on combining factors from at least two of the following three categories:

1. Knowledge Factor ('something you know'): This is the most common factor and typically refers to a password, PIN, or the answer to a secret question.
2. Possession Factor ('something you have'): This refers to a physical object in the user's possession. Examples include a smartphone (which can receive a one-time code via SMS or a dedicated authenticator app like Google Authenticator or Authy), a hardware security key (like a YubiKey), or a smart card.
3. Inherence Factor ('something you are'): This refers to a unique physical attribute of the user, also known as biometrics. Examples include fingerprints, facial recognition, iris scans, or voice patterns.

By requiring verification from different categories, MFA significantly increases the difficulty of a successful attack. For example, a common implementation is combining a password (knowledge) with a one-time code from an authenticator app (possession).

Implementing MFA is one of the most effective single actions an organization or individual can take to improve their security posture.