Multifactor Authentication

MFA

Two Factor Authentication Graphic

As cyber-criminals become more and more adept at accessing our online information, our manner of defending against such attacks must also evolve. One way we can keep our information safe is via a security feature called Multifactor Authentication (MFA).

The purpose of MFA is to create what cybersecurity experts call a “layer of defense” against hackers and intruders. For example, in order to access your email, you typically have to enter a password. A password is one layer of defense – one way of proving to the email client that you are authorized to access that inbox.

But what if someone else gets access to that password? That layer of defense is now compromised. Though you did not give this person permission to log into your account, the system does not know the difference since that person entered your password.

MFA provides you with *multiple* layers of defense, making it more difficult for unauthorized persons to gain access to your accounts. These layers consist of methods that are more difficult for an unauthorized person to get around. Going back to the email example, instead of just entering a password, the email client may now ask for both a password and a 4-digit code sent to your mobile phone.

MFA has several authentication methods. Credentials used to verify your identity via MFA typically include:

  • Something you know (password, PIN).
  • Something you have (swiping a badge, using a smartphone to get a code or scan a QR code).
  • Something you are (voice recognition, retina scan, fingerprint scan).
2FA Graphic

Though MFA is not 100% foolproof, it has become a rather reliable way to keep our personal accounts secure in this day and age. To learn more about MFA, please visit the following pages:

Microsoft Support: What is: Multifactor Authentication

US Cybersecurity & Infrastructure Security Agency: Multi-Factor Authentication | CISA