Multi-factor Authentication

A security mechanism that requires multiple forms of verification to access non-human identities.

Description

Multi-factor Authentication (MFA) is a security mechanism that adds a layer of protection to the authentication process by requiring more than one form of verification from a user or system. In the context of Non-Human Identities (NHIs), such as applications, services, or devices, MFA ensures that access is granted only when every required authentication factor has been verified. These factors typically fall into three categories: something you know (like a password), something you have (like a hardware token or a mobile device), and something you are (like biometric data). By implementing MFA for NHIs, organizations can significantly reduce the risk of unauthorized access and data breaches, which matters most in environments where NHIs handle sensitive information or control critical infrastructure. This approach not only strengthens security but also builds trust in the automated systems and APIs that interact with sensitive resources, promoting better security hygiene and compliance with regulations.

Examples

  • An API requires an access token (something you have) and a time-based one-time password (something you know) for authentication.
  • A cloud service uses a password (something you know) and a biometric scan from a secured device (something you are) for access.
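The first example above (an access token plus a time-based one-time password) can be made concrete with a small verifier. The code below is an added illustration, not part of this page or of any particular product: it implements HOTP (RFC 4226) and TOTP (RFC 6238) with the standard library, checks both factors for a hypothetical NHI called `batch-job-01`, tolerates one step of clock drift, and refuses to accept the same one-time code twice. The registry, token value and identity name are constructed for the example; the TOTP seed is the well-known RFC test secret so the outputs are reproducible.

```python
import hashlib
import hmac
import struct
import time
from typing import Dict, Optional, Tuple

# Constructed registry for a hypothetical NHI. The TOTP seed is the RFC 4226/6238
# test secret so the values are reproducible; real seeds and tokens belong in a
# secrets manager, never in source code.
NHI_REGISTRY = {
    "batch-job-01": {
        "access_token": "svc-token-0123456789abcdef",  # something you have
        "totp_seed": b"12345678901234567890",          # seed behind the one-time code
    },
}

# Highest TOTP counter already accepted per identity, so a captured code cannot be
# replayed within the same time step (in memory here; a real service persists it).
_last_accepted_counter: Dict[str, int] = {}

STEP_SECONDS = 30
DIGITS = 6


def hotp(seed: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(seed: bytes, unix_time: int, step: int = STEP_SECONDS) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from the current time step."""
    return hotp(seed, unix_time // step)


def matching_counter(seed: bytes, code: str, unix_time: int,
                     window: int = 1, step: int = STEP_SECONDS) -> Optional[int]:
    """Return the time-step counter whose code matches (allowing +-window steps of drift), else None."""
    base = unix_time // step
    for drift in range(-window, window + 1):
        counter = base + drift
        if counter < 0:  # struct.pack(">Q") rejects negative counters
            continue
        # Constant-time comparison so timing does not leak how many digits matched.
        if hmac.compare_digest(hotp(seed, counter), code):
            return counter
    return None


def authenticate_nhi(identity: str, presented_token: str, presented_code: str,
                     unix_time: Optional[int] = None) -> Tuple[bool, str]:
    """Grant access only if both factors verify; returns (granted, reason) for audit logging."""
    if unix_time is None:
        unix_time = int(time.time())
    record = NHI_REGISTRY.get(identity)
    if record is None:
        return False, "unknown identity"

    # Evaluate both factors before deciding, so a rejection does not reveal which one failed.
    token_ok = hmac.compare_digest(presented_token.encode(), record["access_token"].encode())
    counter = matching_counter(record["totp_seed"], presented_code, unix_time)
    code_ok = counter is not None

    if not (token_ok and code_ok):
        return False, "factor verification failed"
    if counter <= _last_accepted_counter.get(identity, -1):
        return False, "one-time code already used"
    _last_accepted_counter[identity] = counter
    return True, "ok"


if __name__ == "__main__":
    # Demo against a fixed time (59 s after the epoch, the RFC 6238 test instant).
    seed = NHI_REGISTRY["batch-job-01"]["totp_seed"]
    code = totp(seed, 59)
    print("code at t=59:", code)
    print(authenticate_nhi("batch-job-01", "svc-token-0123456789abcdef", code, 59))
    print(authenticate_nhi("batch-job-01", "svc-token-0123456789abcdef", code, 59))  # replay
```

Two design points worth noting: both factors are always evaluated before the decision is made, so an attacker holding only one of them learns nothing from the response, and the last accepted counter is stored so that a one-time code intercepted in transit is useless once it has been used, even inside the same 30-second step.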

Additional Information

  • MFA can help mitigate risks associated with stolen credentials.
  • Implementation of MFA can be tailored based on the risk level of the NHI's access requirement.
