Multi-Factor Authentication (MFA)

• A security system requiring multiple methods of authentication from independent categories of credentials
• Enhances security by creating a layered defense against unauthorized access

Five categories of Authentication for MFA

Something You Know (Knowledge-Based factor)

• Authentication based on information the user knows, like a password, PIN or answers to secret questions

Something You Have (Possession-Based Factor)

• Authentication based on physical possession of an item
  • Smart card
  • Hardware token (key fob)
  • Software token on a device

Something you are (Inherence-Based Factor)

• Authentication based on biometric characteristics unique to individuals
  • Fingerprints
  • Facial recognition
  • Voice recognition

Somewhere You Are (Location-Based Factor)

• Authentication based on the user’s location, determined through IP address, GPS, or network connection
• Geographical location restrictions can be applied

Something You Do (Behavior-Based Factor)

• Authentication based on recognizing unique patterns associated with user behavior
  • Keystroke patterns
  • Device interaction
• Rarely used as a primary factor but can provide an additional layer of security

Authentication Types

• Single Factor Authentication
• Two Factor Authentication (2FA)
• Multi-Factor Authentication