Optiv Cybersecurity Dictionary

What Is 2FA (2-Factor Authentication) and MFA (Multi-Factor Authentication)?

2-factor authentication (2FA) requires both knowledge (like a password) and something tangible (such as a hardware or software authentication system) to gain access to a protected computer system. 


By some definitions, multi-factor authentication (MFA) takes that one step further by also requiring something that is unique to your physical being (like a fingerprint or retina or behavior) in order to authenticate an identity. However, the term MFA is often used when there are only two factors. In traditional 2FA, the authentication device can be either hardware based (such as a token) or software based (such as a mobile app).  


MFA Token

The role of the authentication device is to generate a unique and temporary cryptographic code that must be input, in addition to a password, to gain access to a computer resource. Without this code, an attacker who has compromised a user's password cannot gain access to the protected resource – making 2FA a minimum-security best practice. 

Multi-Factor Authentication:

Why It Matters

Your data’s no longer safe if it’s protected by a password alone. Even long and secure passwords can be recovered in a matter of minutes with the right software. Hackers these days, amirite?! While strong passwords still play an important role in securing access, they’re now sharing the stage with other identity-authenticating requirements. Enter MFA, which calls for users to present two or more factors to prove their identity.


Additional Security Verification

Unless all required factors align, it’s access denied, and that’s great news for you if someone got ahold of your password. MFA is not a simple suggestion anymore; it’s an absolute must for any SaaS app, website or SSO portal. As mentioned in the White House EO, fundamental security practices across the nation must implement MFA to ensure an additional layer of protection against unauthorized entries.

The Solution to Multi-Factor Authentication

Given the volatile state of cyberspace, we’d recommend implementing MFA as soon as possible. (Like, yesterday.) Let our Identity team help your organization carry out a stronger authentication strategy, all while reducing user friction.


How to Implement MFA

Digital Access Management Social Share Image

Related Terms

Contact Us