Cybersecurity

MFA

Definition

Multi-factor authentication (MFA) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism.

Why It Matters

MFA adds a critical layer of security beyond the password alone. Even if an attacker steals your password, they cannot log in without the second factor. It is one of the most effective security measures you can enable.

Contextual Example

When you log in to your bank account, after entering your password (something you know), you are prompted to enter a 6-digit code from an app on your phone (something you have). This is MFA.

Common Misunderstandings

  • Two-factor authentication (2FA) is a specific type of MFA that uses exactly two factors.
  • The factors are typically categorized as: something you know (password), something you have (phone, security key), and something you are (fingerprint, face scan).

Last Updated: December 17, 2025