Multi-factor authentication

Multi-factor authentication (MFA; two-factor authentication, or 2FA) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more distinct types of evidence (or factors) to an authentication mechanism. MFA protects personal data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password.

Usage of MFA has increased in recent years. Security issues which can cause the bypass of MFA are fatigue attacks, phishing and SIM swapping.^[1]

Accounts with MFA enabled are significantly less likely to be compromised. ^[2]

^ Russell, Steve (2023-02-22). "Bypassing Multi-Factor Authentication". ITNOW. 65 (1): 42–45. doi:10.1093/combul/bwad023. ISSN 1746-5702.
^ Meyer, L. A.; Romero, S.; Bertoli, G.; Burt, T.; Weinert, A.; Ferres, J. L. (2023). "How effective is multifactor authentication at deterring cyberattacks?". arXiv:2305.00945 [cs.CR].

[1] Russell, Steve (2023-02-22). "Bypassing Multi-Factor Authentication". ITNOW. 65 (1): 42–45. doi:10.1093/combul/bwad023. ISSN 1746-5702.

[2] Meyer, L. A.; Romero, S.; Bertoli, G.; Burt, T.; Weinert, A.; Ferres, J. L. (2023). "How effective is multifactor authentication at deterring cyberattacks?". arXiv:2305.00945 [cs.CR].

[1]

[2]