What Is Multi-Factor Authentication (MFA)?

Multi-factor authentication is something every web-facing application owner needs to know. When you talk to information security people. They love their TLA (three letter two). It’s like a secret language. If you are not secretive about internal solutions. Your sites need to  upgraded to EV SSL certificates. And definitely require better SSH key management and your IAM solution. It lacks outh & UDF capabilities. Still with me?

I will add another abbreviation to the list – MFA. Multi-factor authentication is something every web-facing application owner needs to know. There is a lot of control over the many columns . That move online services and applications. Towards stronger options in password-to-user authentication.

Factor factor of Authentication

When we talk about multi-factor authentication, your memory is (1), yours is (2) and yours (3). Let’s look at these factors a little more.

Once there was a computer system people thought it was better. Also to store confidential information in the system. This information requires security. And a password is generated.

Passwords and other secrets (pin-code, passphrase) for


It depends on your memory. This is a secret only you know. Another widely used memory-based secret is the question and answer you only need to know. Q&A is more difficult to implement than a password. The answers are easy to find through third parties. Tough answers on the other hand are very difficult for the user to remember. The reason people use memory to explain need rather than knowledge is the fact that they forget. The mystery is useful if you want to remember it. not so useful to know your own wedding date if you forget the anniversary next week.

Forgetting a password can prevent you from entering the application. But forgetting anniversaries will prevent you from entering your home – at least for a while. Fortunately, in both cases there are recovery options. I leave it to you to guess which is more complicated and time consuming.

They felt that better security was needed and that it would not rely on user memory,

Or intentionally or unintentionally giving it to someone else. Or discovering it by breaking the database of stored secrets (passwords). Another item was born.

The second item was removed from the computer system. The new item means that the user has something. They could take it with you – and it’s hard to carry the mainframe with you. So the new item is small. This second factor was introduced in the late 90s . It in the form of PKI smart cards and USB-tokens, one-time-password lists or tokens.

Also Read: 5-finance-management-tips-for-freelancers

Time has passed and criminals have found new ways to dissolve these other causal systems. The amount of confidential information in apps and databases has increased. And more and more people need access to that information. Clever protectors of our data have found . That the user can also act as a factor.

Mission Impossible and Alien’s Science Fiction Style Access Control: Resurrection depends on the user’s physical characteristics . Content determination on fingerprint or breath. Unfortunately, the Star Trek Holodeck is not here yet. But there are biometric factors. Beyond the physical properties that can be scanned . New methods of generating a hereditary factor e.g. We can measure (continuously) the process of moving the mouse or type compared to previously recorded data.

Adding a ‘multi’ factor

When you consider a multi-factor authentication scheme, you need to add different elements. Password is not a multi-factor authentication method combined with Q&A. Subset of multi-factor authentication Two-factor authentication by combining two factors (2FA – again with TLAs). Another word that is widely used is ‘strong authentication’. All of these terms are ambiguous, leaving room for comment unless the multi-factor method uses more than 1 factor.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top