// THREAT DETECTION AND DATA PRIVACY TERM
Multi-Factor Authentication
Multi-Factor Authentication (MFA) is a security process that requires users to provide two or more different pieces of evidence to prove their identity before gaining access to an account or system. This adds an extra layer of protection beyond just a username and password.
TECHNICAL DEFINITION
Multi-Factor Authentication (MFA) is a core identity and access management (IAM) security control that enhances user authentication by requiring at least two independent verification factors from distinct categories: knowledge (e.g., password), possession (e.g., security token, mobile app), and inherence (e.g., biometrics like fingerprint). This layered defense mechanism significantly mitigates the risk of unauthorized access resulting from compromised credentials.
BACKGROUND
Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- MFA
- Two-Factor Authentication
- 2FA
- Two-Step Verification
- Layered Authentication
- Strong Authentication
USAGE NOTE
While MFA is the broader term, 'Two-Factor Authentication' (2FA) is often used interchangeably, though it specifically refers to using exactly two factors.
DEVELOPERS
Organizations developing technology related to Multi-Factor Authentication.
A leading identity and access management company that provides a suite of products, including Single Sign-On, Universal Directory, and advanced Multi-Factor Authentication solutions like Okta Verify.
A user-centric access security provider, now part of Cisco, specializing in two-factor and multi-factor authentication. Their platform verifies user identities and device health before granting access to applications.
The creator of the YubiKey, a hardware security key that provides strong, phishing-resistant multi-factor authentication. They are a key proponent of open authentication standards like FIDO2 and WebAuthn.
Develops and integrates MFA deeply into its ecosystem through Azure Active Directory and the Microsoft Authenticator app, offering methods like push notifications, biometrics, and passwordless sign-in for its cloud and enterprise services.
A global technology leader in aerospace, defense, and digital security. Their Cloud Protection & Licensing division offers the SafeNet Trusted Access platform, which provides a broad range of MFA solutions and authentication methods.
An enterprise-focused identity security company that provides an intelligent MFA solution. It uses adaptive authentication policies to assess risk and prompt for additional factors when necessary, supporting a wide array of authentication methods.
A long-standing cybersecurity company famous for its SecurID hardware tokens. They continue to evolve their offerings with modern MFA solutions that support mobile push, biometrics, FIDO tokens, and risk-based authentication.
Provides MFA through the widely used Google Authenticator app for generating time-based one-time passcodes (TOTP). They also develop hardware-based solutions like the Titan Security Key and integrate advanced MFA into their Cloud and Workspace platforms.