Multi-Factor Authentication is any of a number of systems that require more than just a username & password to prove a user’s identity.

Typically, it involves two of the following:

  • Something you know
    • A password, PIN, etc.
  • Something you have
    • Pressing a button that appears on your phone, a code sent to your email, a badge that is scanned, etc.
  • Something that you are
    • Face scan, fingerprint, retina scan, etc. (Biometrics)

Requiring two factors is called ‘two-factor authentication’. You can, and many organizations do, require more than that.

Requiring multiple factors enhances security, as even if an attacker gets access to a password, they won’t be able to access the user’s account without (at least) one of the other factors.