Home » What is multi-factor authentication?

What is multi-factor authentication?


Multi-factor authentication, abbreviated MFA, is a security measure used to increase security while authenticating to a service. You might not realize it, but you've used multi-factor authentication in the past. For example, your credit or debit card has a security code that's different from the credit card number. When you make a transaction, you need both numbers to make the transaction. You can't use just the credit card number or just the security code.

In computing, MFA is done using three factors:
  • Knowledge factors: things you (and only you) know, like passwords, PINs, and the answers to security questions
  • Possession factors: things you (and only you) have, like your cell phone or a security key
  • Inheritance factors: things you are, like your fingerprints, facial print, or retina print
Two-factor authentication, a flavor of MFA, relies on two of these factors. The principle behind MFA is that if any one of these factors becomes compromised, the data still remains secure. For example, if someone steals your password but you have multi-factor authentication enabled that relies on your cell phone, the attacker can't do anything without your cell phone, which only you have. If someone were to steal your cell phone, they would also need your password to do anything bad.

You should use multi-factor authentication wherever possible, even if it's not required. Consider using multi-factor authentication on your own, personal Google accounts, your online banking accounts, and other important online accounts.