In this article, I will explain about 2FA (two-factor authentication) and MFA (multi-factor authentication) and why you should be using it to secure keep your accounts secure.
As an administrator, IT Professional or an IT user there a few security steps you can take like; installing antivirus software, set firewall rules, implement encryption technology, and regularly running vulnerability tests. But today’s reality is that if multi-factor authentication (MFA) is not in place, these other security measures can be bypassed as we know hackers are too advanced.
Why the password is not enough
- Studies show that over 90% of all web site attacks are due to weak passwords or stolen credentials both are hackers’ weapon of choice.
- Password theft is constantly growing due to keylogging, phishing, pharming and so on.
Authentication Factors
Two-Factor vs Multi-Factor
I think the difference between Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA) should be already clear by now: 2FA is nothing more, nothing less than an implementation of multi-factor authentication which requires two different factor types from those listed above. Three-Factor Authentication (3FA) is also a type of MFA which requires all the three factors identified above.
Multi-Password Authentication
Don’t be confused between a Multi-Password Authentication (MPA) mechanism and 2FA and MFA mechanisms. The Multi-Password Authentication (MPA) requires the user to insert multiple sets of credentials (like; different usernames/passwords) in order to access a specific resource.
Authentication vs Authorization
Both are different, but it’s essential to understand what makes the difference between Authentication and Authorization. Under the authorisation process; we could say that the purpose of authorisation is to confirm that the requesting user is allowed to have access to the action they want to perform. In other words, while authentication is about who the user is, authorisation is about what the user is allowed to do. In simple words, the term authentication refers to any process of verification that someone is who they say they are.
