Multifactor authentication is a two or more step user verification process. The goal of MFA is to create a layered defense, making it more difficult for an unauthorized person to access a target such as a physical location, computing device, network, application, or database.
Multifactor authentication asks users to provide personal information from several categories that prove their identity. These authentication categories are referred to colloquially as: something you know; something you have; and something you are. Each query area includes various security tests, such as:
- “Something you know,” which includes passwords, PIN numbers, and security questions.
- “Something you have,” which includes a one-time passcode sent to your email or cellphone.
- “Something you are,” which involves biometrics, like your fingerprint or a retina scan. For instance, Google multifactor authentication for Gmail includes a password and a one-time verification code sent to your cellphone.
Learn more about multifactor authentication. Read Multifactor Authentication: Using “something you know” and “something you have” to protect your applications.