Cybersecurity

Multi-Factor Authentication

Acronym : MFA

MFA requires at least two independent proofs of identity to access an account: a password combined with a one-time code, a physical key or a biometric factor.

Why it matters

Almost every account takeover exploits a stolen or guessed password; MFA neutralizes this attack even when the attacker already knows the password.

Concrete example

After enabling MFA on their work email, an employee must approve each login from a new device via a notification on their phone.

Related notions

Strong authenticationIdentity managementAccess security

Assess your organization's maturity on this topic

Start the diagnostic
Back to glossary