Lagos, Nigeria

Top 5 things to know about multi-factor authentication

MFA can help make your organization more secure. Tom Merritt lists five things you need to know about multi-factor authentication.

You need to know about multi-factor authentication (MFA), or as a lot of other folks call it two-factor authentication. Whether it’s two or more, multiple factors of authentication make you more secure. What are the options? What are the factors you can use to authenticate? Here are five things to know about MFA.

SEE: Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)

  1. Knowledge. The old “something you know,” such as your password or PIN. This is the one most of you already know and use, but maybe don’t love. This factor type also includes those security questions that ask you what your first pet’s name was or what street you grew up on.  
  2. Possession. Something you have. This can be a USB key, a smart card, even an ATM card or an access badge. It also includes that code you get by text message and the one-time password authenticator apps from Google, Microsoft, Authy and others. 
  3. Inherence. That’s a fancy way of saying something you are. This includes your face, retina, voice, iris or fingerprint. There are also some options for behavioral analysis such as surfing patterns, mouse use or typing patterns among others. 
  4. Location. Somewhere you are. This one is probably the least frequently used. It can be GPS or a connection to a specific network, among other things. This one depends on other security that ensures only the right people are there or on other network security that keeps bad actors off the network. 
  5. Adaptive authentication. It looks at location, time, device and network among other data to estimate risk and adapt the security accordingly. If you always log in at the same time on the same network from the same computer at the same location, your login will speed along, because it’s not unusual. However, if your account is being accessed from a different country than you are usually in, on a device the system has never seen from an IP address it doesn’t recognize in the middle of the night, the security barrier goes way up.

MFA–it’s not the law, but I almost think you should act like it is. Now you know your options for using it and implementing it. I hope that factors into you making a secure decision.

Subscribe to TechRepublic Top 5 on YouTube for all the latest tech advice for business pros from Tom Merritt.

Also see


Image: iStockphoto/Jirsak

This post was written by and was first posted to TechRepublic

Do you find this article helpful? Your Friend might too. So, please Share it with them using the Share button above.
Will you like to get notified when I post new updates? Then Follow me on any of my social media handles: Google News, Telegram, WhatsApp, Twitter, Facebook, Pinterest.
You can also drop your email address below if you wish to be notified by mail.

Tags: ,

%d bloggers like this: