Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence, or factors, to an authentication mechanism. The most common types of authentication factors are the following
- What you know (password or secret key)
- What you have (smart card or hardware token)
- What you are (biometric data)
The following list provides the most common MFA factor implemented today by security companies:
- Biometrics such as voice recognition or fingerprint scans.
- Magnetic stripe cards. These are cards which contain data such as identification numbers written on magnetic storage media. May include other security features such as an employee id card with a photo on the front.
- Security keys. A hardware authenticator that provides physical proof that the user is present when they touch the key.
- Security tokens/mobile devices. Hardware such as a USB device or mobile phone that generates time-synchronized tokens based on a shared key with an authentication service.
- One Time Password (OTP). This refers to the generation of an one-time password which is sent via SMS text or generated by a security token once in order for a user to authenticate themselves into a cloud computing system.
- Challenge/response. Answers to challenge questions that may include personal information such as “Your favorite sport.” or “Your first car.”
- Smart cards. Cards which have embedded computing capabilities that typically include authentication credentials such as public key certificates.