Multi-factor authentication (MFA) is a security mechanism that requires the use of two or more different forms of authentication to verify the identity of a user before granting access to a system or application.
This approach adds an additional layer of security to traditional username/password authentication, making it more difficult for attackers to gain unauthorized access. The different forms of authentication used in MFA typically fall into three categories:
- Something the user knows, such as a password, PIN, or security question
- Something the user has, such as a smart card, token, or mobile phone
- Something the user is, such as a biometric identifier like a fingerprint or facial recognition
