This blog will discuss the what single-factor authentication (SFA), two-factor authentication (2FA) and multi-factor authentication (MFA) are, and why more than one factor of authentication is vital to security.
What is Single-factor Authentication (SFA)?
Single-factor authentication is the simplest form of authentication methods. With SFA, a person matches one credential to verify himself or herself online. The most popular example of this would be a password (credential) to a username. Most verification today uses this type of authentication method.
What is Two-factor Authentication (2FA)?
Two-factor authentication uses the same password/username combination, but with the addition of being asked to verify who a person is by using something only he or she owns, such as a mobile device. Putting it simply: it uses two factors to confirm an identity.
What is Multi-factor Authentication (MFA)?
Multi-factor authentication uses a combination of the following factors: something you know, something you have and something you are. 2FA is a subset of MFA, and you can read more on the difference between the two in Chris Webber's blog, Two-Factor vs. Multi-Factor Authentication.
What are the Risks of Single-factor Authentication?
Online sites can have users' passwords leaked by a hacker. Although it doesn’t happen often, it can happen! Without an additional factor to your password to confirm your identity, all a malicious user needs is your password to gain access. Hopefully it’s not a website that has additional personal information stored, such as your credit card information, home address or other personal information used to identify you.
Oftentimes, a user's password is simple so that it is easy to remember. Is there something wrong with that? Well, the more simple the password, the easier it is to crack or guess. A malicious user may guess your password because they know you personally or because they were able to find out certain things about you, such as your birthdate, favorite actor/actress or pet’s name. A malicious user may also crack your password by using a bot to generate the right combination of letters/numbers to match your simple, secret identification method. In either example, it’s going to be a hassle to recover your account(s). Hopefully your simple password is not being reused with other online entities.
SFA is quickly becoming the CD's of security measures. It was great for the time, but it’s outdated. There is a growing number of products, websites and apps that offer two-factor and multi-factor authentication. Whether it’s just two factors, or three or more — MFA in general is the way to make our accounts much much harder for attackers to break into -- the time to get familiar with these new security measures is now.
This is written by the individual author in his/her personal capacity, and the opinions, views and/or thoughts expressed herein are solely the author’s own. They are not intended to and may not necessarily reflect the official policy or position, or the opinions or views of ThycoticCentrify or its affiliates, employees, or any other group or individual.