Multi-Factor Authentication (MFA)

Security+ 🏆 • Authentication & Authorization 🔐 • Difficulty: free

Definition

Multi-Factor Authentication is a login method that requires two or more different types of evidence to verify a user’s identity, such as something you know, something you have, or something you are. MFA reduces the risk of account takeover because a password alone is not enough to log in.

Examples

A user logs in with a password and then approves a push notification on their phone to complete the sign-in.
An administrator uses a hardware security key in addition to a password before accessing a privileged console.

Discover 🔎

Passwords are easy to steal. Phishing, malware, leaked databases, and reused credentials make single-factor logins one of the most common weak points in security. MFA is one of the most effective ways to reduce that risk because it adds a second check. Even if an attacker knows your password, they still need another factor to prove they are you.

Remember: MFA works because it adds a different type of proof. Two passwords are not MFA. They are still the same factor.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.