It is an undeniable fact that users tend to be the weakest link in IT security, due to human imperfection and easily compromised credentials. In fact, credentials are involved in 61% of data breaches and they increase the cost of a data breach by 23%. How can IT admins mitigate this risk? By implementing multi-factor authentication (MFA). MFA is an IT system’s first defense against security breaches, and is the lowest-hanging fruit for organizations with little to no security protocols in place.
For a more detailed look at why you should use multiple factors for authentication, check out part one of this series. For part two, we will dive into the different types of factors you can use to develop an MFA protocol that works for your organization.
In the context of identity and access management (IAM), a factor is simply a type of authentication used to confirm someone’s identity. For example, when you log in to your email, you are providing an email address to establish your identity. Your password is then the factor used to authenticate your identity and grant you access to your inbox. The more factors layered onto a login process, the more robust the security—although IT admins must also balance this with user experience.
The most commonly used MFA factors fall into one of three categories:
- Knowledge, aka something you know, such as a password or security question
- Possession, aka something you have, such as an SMS code or physical key
- Inherence, aka something you are, such as a fingerprint or face ID
Some would argue that there are a total of five categories of authentication factors, including Location, aka somewhere you are, and Behavior, aka something you do. Since these are less common forms of authentication—and often less secure—this article will focus on the three primary categories of MFA factors.
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Kelsey Kinzer. Read the original post at: https://jumpcloud.com/blog/different-factors-of-multi-factor-authentication-mfa