{"id":439074,"date":"2022-04-28T22:00:37","date_gmt":"2022-04-28T19:00:37","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/what-is-multi-factor-authentication-mfa\/"},"modified":"2022-04-28T22:00:37","modified_gmt":"2022-04-28T19:00:37","slug":"what-is-multi-factor-authentication-mfa","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/what-is-multi-factor-authentication-mfa\/","title":{"rendered":"#What Is Multi-Factor Authentication (MFA)?"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a326b528b347\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a326b528b347\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-multi-factor-authentication-mfa\/#%E2%80%9CWhat_Is_Multi-Factor_Authentication_MFA%E2%80%9D\" >&#8220;What Is Multi-Factor Authentication (MFA)?&#8221;<\/a><ul class='ez-toc-list-level-2' ><li class='ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-multi-factor-authentication-mfa\/#MFA_Can_Involve_2FA\" >MFA Can Involve\u00a02FA<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-multi-factor-authentication-mfa\/#Types_of_MFA\" >Types of MFA<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-multi-factor-authentication-mfa\/#Hidden_Authentication_Factors\" >Hidden Authentication Factors<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-multi-factor-authentication-mfa\/#Risk-Based_Authentication\" >Risk-Based Authentication<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/buradabiliyorum.com\/en\/what-is-multi-factor-authentication-mfa\/#How_Many_Factors_Do_You_Need\" >How Many Factors Do You Need?<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9CWhat_Is_Multi-Factor_Authentication_MFA%E2%80%9D\"><\/span>&#8220;What Is Multi-Factor Authentication (MFA)?&#8221;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div>\n<figure style=\"width: 1200px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage size-full wp-image-795002\" data-pagespeed-lazy-srcset=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/two-factor-authentication-smartphone-laptop.jpg?width=398&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1 400w, https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/two-factor-authentication-smartphone-laptop.jpg?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1 1200w\" sizes=\"auto, 400w, 1200w\" data-pagespeed-lazy-src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/two-factor-authentication-smartphone-laptop.jpg?width=1198&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"A smartphone on a laptop showing two-factor authentication codes.\" width=\"1200\" height=\"675\" src=\"\/pagespeed_static\/1.JiBnMqyl6S.gif\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"type:primaryImage imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/2step-authentication-two-steps-verification-sms-1627553293\">BestForBest\/Shutterstock.com<\/a><\/span><\/figcaption><\/figure>\n<p>You\u2019ve heard of two-factor authentication (2FA) and its many benefits, but what about multi-factor authentication (MFA)? MFA can go beyond a simple text or authentication <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>, and might even happen without you knowing it.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"MFA_Can_Involve_2FA\"><\/span>MFA Can Involve\u00a02FA<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Two-factor authentication is a subset of multi-factor authentication. So the core definition of both is essentially the same. MFA simply means that a resource (such as your computer or online account) is secured by more than one type of credential.<\/p>\n<p>The reasoning behind MFA is that there\u2019s an exponential reduction in the odds of someone compromising all of the authentication factors you need, especially if they\u2019re very different in nature.<\/p>\n<p>The most common type of MFA is two-factor authentication with a password and a code sent via SMS texts or through a dedicated authentication app, but different services mix and match factors as required.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Types_of_MFA\"><\/span>Types of MFA<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Authentication factors can be broadly sorted into knowledge, possessions, and inherent unique attributes.<\/p>\n<p>Factors that you <em>know<\/em> include passwords, PINs, the answers to security questions, and so on. These are often the most vulnerable to being compromised because they can be stolen or, in some cases, guessed by brute force.<\/p>\n<p>Authentication factors you <em>possess<\/em> are objects like keys, RFID cards, and devices like computers and smartphones. To compromise this factor you need to either steal the object or make a perfect copy of it without the owner noticing.<\/p>\n<p><em>Inherent<\/em> factors are things that are unique to you, but can\u2019t be changed. These are mostly biometric factors such as your fingerprints or iris patterns, but can also include voice matching, facial recognition, and many other similar options.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Hidden_Authentication_Factors\"><\/span>Hidden Authentication Factors<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>There are also authentication factors that you don\u2019t even know about but are used silently to verify your access. For example, the GPS location of your phone, the MAC address of your network adapter, or your browser fingerprint. You may never know that this is being checked, but when an unauthorized user without that hidden factor tries to gain access, they\u2019ll be blocked.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Risk-Based_Authentication\"><\/span>Risk-Based Authentication<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Speaking of hidden authentication factors, this ties in with risk-based authentication. This is a practice where you usually only need 2FA or even one factor to access your resources, but if something out of the ordinary happens additional factors are required.<\/p>\n<p>Maybe you\u2019re in a different country or trying to log in from a computer you\u2019ve never used before. The authentication system picks up on violations of your usual patterns and takes action by asking for more proof that you\u2019re really who you say you are.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"How_Many_Factors_Do_You_Need\"><\/span>How Many Factors Do You Need?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>If you\u2019re currently using 2FA to secure your online accounts or other resources, should you be using MFA with more than two factors? As we\u2019ve seen, you may actually already benefit from MFA without knowing it. There are some cases, though, where you might want to consider adding more factors or changing factors if possible.<\/p>\n<p>If you\u2019re using SMS-based verification codes, you should consider switching to an authenticator app if the service offers one. Thanks to a hacker\u2019s ability to clone\u00a0SIM cards, SMS is\u00a0not the most secure second factor.<\/p>\n<p>Keep in mind that while adding more factors does significantly raise the security level of access control, it also introduces more work for you. Additionally, if you misplace some of your factors, you could be significantly inconvenienced.<\/p>\n<p>As such, we recommend that the average user sticks to 2FA with a few backup factors in the event you\u2019re locked out or need to have extra protection in high-risk scenarios. Some password managers can help you with this, and you should be using one regardless.<\/p>\n<\/div>\n<p><script>\n setTimeout(function(){\n  !function(f,b,e,v,n,t,s)\n  {if(f.fbq)return;n=f.fbq=function(){n.callMethod?\n  n.callMethod.apply(n,arguments):n.queue.push(arguments)};\n  if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';\n  n.queue=[];t=b.createElement(e);t.async=!0;\n  t.src=v;s=b.getElementsByTagName(e)[0];\n  s.parentNode.insertBefore(t,s) } (window, document,'script',\n  'https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n   fbq('init', '335401813750447');\n   fbq('track', 'PageView');\n  },3000);\n<\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.howtogeek.com\/794722\/what-is-multi-factor-authentication-mfa\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;What Is Multi-Factor Authentication (MFA)?&#8221; BestForBest\/Shutterstock.com You\u2019ve heard of two-factor authentication (2FA) and its many benefits, but what about multi-factor authentication (MFA)? MFA can go beyond a simple text or authentication app, and might even happen without you knowing it. MFA Can Involve\u00a02FA Two-factor authentication is a subset of multi-factor authentication. So the core definition&#8230;<\/p>\n","protected":false},"author":1,"featured_media":439075,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2022\/03\/two-factor-authentication-smartphone-laptop.jpg?height=200p&trim=2,2,2,2","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-439074","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/439074","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=439074"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/439074\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/439075"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=439074"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=439074"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=439074"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}