Multi-factor Authentication (MFA)

Authentication, the process of confirming your identity when signing into online accounts, traditionally relies on usernames and passwords. However, this method has limitations as usernames can be easily discovered, and people often choose weak passwords or reuse them across multiple sites. To address these vulnerabilities, most online services, including banks, social media platforms, shopping sites, and Microsoft 365, have implemented Multifactor Authentication (MFA).

Authentication factors are methods used to confirm your identity during the sign-in process. For instance, a password is a familiar example of an authentication factor, representing something you know. There are three primary types of authentication factors:

• Something you know: This includes information memorized by the user, such as a password or a personal identification number (PIN).
• Something you have: This encompasses physical items possessed by the user, like a smartphone or a secure USB key.
• Something you are: This relates to biometric identifiers inherent to the user, such as fingerprints or facial recognition.

When using MFA, after entering the username and password, users are prompted to provide the second factor to verify their identity. This additional step ensures that even if someone gains access to the login credentials, they cannot sign in without the second factor. For example, if an unauthorized individual attempts to sign in with stolen credentials, they would be unable to proceed without access to the user’s smartphone or other designated authentication device.