Multi-factor authentication is authentication that relies on more than one authentication factor, which makes impersonating someone at the time of login much harder to do. There are only three recognized authentication factors:
- Something you know — like a password, PIN, or the answer to a security question
- Something you have — like a physical token, a signed certificate or a virtual token attached to your cell phone
- Something you are — which covers biometrics like fingerprints, retinal scans or even the “unlock with your face” function on smart-phones and computers
- MFA is when you need to use more than one of these factors, like a password AND a token. Using two examples from one factor, such as a password and a security question, is not multi-factor authentication.