Multi-Factor Authentication (MFA) requires the user to provide two or more methods to verify their identity in order to access a resource. Instead of just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber-attack.
Solely having a username and password can leave you vulnerable to brute force attacks and can also be stolen by threat actors. Enforcing the use of MFA in a business can increase confidence that your company is safer than it was.
MFA comes in many forms; some use biometrics such as fingerprints to verify a user, others can use physical hardware keys, while the most common form of MFA is likely to be one-time passwords. One-time passwords are 4+ digit codes which are sent to a user’s previously confirmed email, phone number or application. A new code can be generated either periodically or each time an authentication request is submitted.
Another type of MFA which is starting to be used is location-based verification. This usually looks at a user’s IP address or geo-location and if the information does not match the whitelist (a mechanism which explicitly allows some identified entities to access a particular privilege or service), it can block the user from accessing the site. Adaptive Authentication is another form of verification that can be used for MFA.
Adaptive Authentication analyses additional factors when a user tries to log in and uses these values to assign a risk level associated with the login attempt. This can be based on a multitude of things such as location; the time of day and what information is trying to be accessed; the kind of device used; and whether a connection is via a private or public network.
The answers to these questions determine whether a user is required to provide an additional authentication factor or whether they will even be allowed to log in. Any effective and enforced Multi-Factor Authentication strategy will undoubtedly save any organisation time and money in the future.