What is Multi-Factor Authentication?
Multi-factor authentication (MFA), also sometimes called two-factor authentication (2FA), is an electronic authentication method that requires users to provide two or more verification factors to gain access to a resource, such as a website, application or VPN. Unlike traditional login methods that rely solely on a username and password, MFA adds an extra layer of security by requiring an additional piece of evidence to confirm the user’s identity.
Each piece of information MFA requests typically falls into one of three categories:
- Something you know: This is typically the user’s password or PIN.
- Something you have: This could be a smartphone with an authentication app, a security key, or a hardware token.
- Something you are: Biometric authentication methods like fingerprint scanning or facial recognition can also be used as a factor in some MFA implementations.
Benefits
- Enhanced security: MFA significantly increases the difficulty for unauthorised users to access a user account, even if they manage to steal a password.
- Reduced phishing risk: Phishing attacks that trick users into revealing their passwords become less effective with MFA, as attackers would also need to steal or bypass the additional verification factor.
- Improved compliance: Many industry regulations and compliance standards require the use of MFA for access to sensitive data.
Examples
- Microsoft Authenticator App: This is a popular MFA option offered by Microsoft. Users can install the app on their smartphone and receive approval notifications or enter a code displayed on the app to verify their login attempts.
- SMS verification: Some organisations might allow verification codes to be sent via SMS text message to a registered mobile phone number.
- Security Keys: Hardware security keys offer a more robust MFA option, requiring physical possession of the key in addition to the password for login.
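The code displayed by an authenticator app, as in the first example above, is commonly a time-based one-time password (TOTP, RFC 6238). The following is an added example, not part of the original page and not Microsoft's code: it shows how a server can check such a code while tolerating clock drift and refusing a replayed code. The names `verify_totp`, `window` and `last_used_step` are assumptions, and the secret is the published RFC test secret.

```python
import hashlib
import hmac
import struct

# Test secret published in RFC 4226 / RFC 6238; never use it for real accounts.
RFC_TEST_SECRET = b"12345678901234567890"


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1: HOTP (RFC 4226) over the time-step counter."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)  # keep leading zeros


def verify_totp(secret: bytes, submitted: str, unix_time: int,
                last_used_step: int = -1, window: int = 1,
                step: int = 30, digits: int = 6):
    """Return the time step the code matched, or None if it is rejected.

    window: number of time steps of clock drift accepted on each side.
    last_used_step: highest step already accepted for this user (assumed to
    be stored per account); codes from that step or earlier are refused, so
    a code observed in transit cannot be used a second time.
    """
    current = unix_time // step
    matched = None
    for candidate in range(max(0, current - window), current + window + 1):
        expected = totp(secret, candidate * step, step, digits)
        # Constant-time comparison avoids leaking how many digits matched.
        same = hmac.compare_digest(expected.encode(), submitted.encode())
        if same and candidate > last_used_step:
            matched = candidate
    return matched


if __name__ == "__main__":
    now = 59  # constructed timestamp taken from the RFC 6238 test vectors
    code = totp(RFC_TEST_SECRET, now)
    step_used = verify_totp(RFC_TEST_SECRET, code, now)
    print("first use accepted at step", step_used)
    print("replay result:", verify_totp(RFC_TEST_SECRET, code, now,
                                        last_used_step=step_used))
```

On success the caller stores the returned step as the account's new `last_used_step`; a wider `window` accepts more drift but also lengthens the time a stolen code stays valid.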
Microsoft 365 offers robust MFA capabilities that can be integrated with various verification methods. Microsoft actively promotes MFA adoption as a critical security measure for protecting user accounts and organisational data.
Azure Active Directory (Azure AD) Multi-Factor Authentication: This service allows organisations to centrally manage and enforce MFA policies for Microsoft 365 and other cloud-based applications.