Multi-Factor Authentication

Multi-Factor Authentication adds a second factor of verification, requiring more than just your usual login details to access an account. This second factor could be a code from a device or a biometric check.

Overview

Multi-Factor Authentication (MFA) and Two-Factor Authentication (2FA) are often used interchangeably, but they’re not quite the same. 2FA is a subset of MFA, requiring exactly two authentication factors, such as something you know (password) and something you have (phone). MFA, on the other hand, requires two or more factors but isn’t limited to just two. While all 2FA is MFA, not all MFA is 2FA.

Multi-Factor Authentication, sometimes used interchangeably with Two-Factor Authentication (2FA), is a security mechanism that requires users to provide more than one form of verification before gaining access to an account or system.

While 2FA specifically involves two factors—typically something you know (password) and something you have (authenticator app, SMS code, security key)—MFA extends this by requiring two or more factors from different categories, which can also include biometrics (something you are, like a fingerprint). The key difference is that 2FA is a subset of MFA, while MFA can incorporate additional layers of security for greater protection.

Multi-Factor Authentication adds an extra layer of security to your accounts by requiring more than just a password — like a code sent to your phone or a tap on an app — making it much harder for someone else to log in as you.

What are Factors?

Factors are different ways of proving you are you. Typically, factors fall under the categories of something you know, something you have and something you are. Two-Factor Authentication would be an option from two of the categories listed below, whereas Multi-Factor Authentication would be three or more options from each of the categories listed below.

  • Something you know
    This would be a piece of information that only you should know, such as a password, PIN, pattern or security questions. This is normally the first factor of authentication in most login scenarios.

  • Something you have
    This is an item you have possession and control of, such as a mobile device, hardware key, smart card, or an authenticator app on your mobile phone.

  • Something you are
    This is something biologically unique about you, commonly known as biometrics. These typically come in the form of facial, retina, and fingerprint scans, often used with modern mobile devices.

To summarise, a valid form of Two-Factor Authentication would be a password and code provided by your mobile device. A valid form of Multi-Factor Authentication would be a password, a code provided by your mobile device and a fingerprint scan.

Common Authentication Methods

SMS One-Time Code

OTP | Regarded as one of the weakest forms of authentication, a text message containing a one-time use code is sent to your phone. It’s a popular method because almost everyone has a mobile phone, and it doesn’t require installing an app. However, it is vulnerable to …

Email One-Time Code

OTP | This method e-mails the code to you instead of texting it. This is another popular option as it relies on something that almost everyone has, an e-mail account.

Authenticator Apps

TOTP | Apps like Google Authenticator, Microsoft Authenticator, Authy, Duo Mobile, Ente and 2FAS generate six-digit codes stored inside the app. These codes rotate every 30 seconds and do not require an Internet connection.

Push Notifications

Instead of typing a code, a trusted app sends a notification to your phone asking if you’re trying to log in. You can then tap on the notification and approve or deny the login request. This method is extremely fast, convenient and user-friendly, but only as secure as your device is. Push fatigue.

Biometrics

Biometrics use your unique physical characteristics such as fingerprints, facial features, retina pattern or voice to verify your identity. Like Push Notifications, they are fast, convenient and user-friendly, and are often used on mobile phones and modern laptops.

Security Keys

Security Keys like YubiKey, Titan Key, SoloKeys and OnlyKey are small physical devices that you connect to your computer or mobile phone, then physically touch a button on the key to confirm you are present. These devices can differ in how they work, with some only needing to be placed close by and others requiring your fingerprint. They are regarded as one of the strongest forms of authentication.

How to use an Authenticator App

Email and SMS codes and biometrics are biometrics. A lot of people are likely going to be prompted to set up Two-Factor Authentication using an authenticator app, so this is a simplified series of steps that you need to follow in order to complete the setup process.

  • Enable Two-Factor Authentication on your account
  • The website will display a QR Code on the screen
  • Underneath this QR Code will be a prompt to enter a code
  • Open your Authenticator App
  • Click the Add / Scan a QR Code button in the app
  • The camera for your Mobile Device should activate
  • Scan the QR Code on your screen with your mobile device
  • A new, named, six-digit code will be displayed in your Authenticator app
  • Type the currently displayed code back into the website prompt
  • Click OK / Submit

You have successfully set up Two-Factor Authentication for your account on that website. Every time you need to log in afresh or log in from another device, you will now be prompted for both your login credentials and your current 2FA code, which you can get by opening the Authenticator App.

What if I Lose Access to my 2FA Method?

Backup Codes! Backup to Cloud!