Multifactor Authentication (MFA)


What is Multifactor Authentication?

As you know password are one of the most used security mechanisms to secure a device. We use different types of password to secure our systems. But passwords are vulnerable to attacks in todays network world. There must be additional security mechanisms. Multifactor Authentication is used for this purpose. So, what is Multifactor Authentication? This mechanism  is basically a security system that uses more than one authentication method to identify the user. This mechanism works as a second or more barrier towards the attackers.


There are different mechanisms used for Multifactor Authentication. And Multifactor Authentication combines two or more of these mechanisms. These mechanims are given below:


  • Information known by the user like passwords
  • Information owned by the user like  user like security tokens
  • Information specific to user body like fingerprints
  • Information about user location
  • Information about user access time


With Multifactor authentication methods, different platforms involve to this network security job. For example, mobile phones or emails can be used for this authentication. A text message or an email can be sent to the user whenever he tries to login to the device. With this second step, emails and message can contain the access code. This mechanism is widely used in many areas today.


Beside using additional device, our body can also be used to identify and authenticate us. As you know, human body has identical parts like voice, fingerprints, retinas etc. By checking such biometric information, users can authenticate.



Why We Need Multifactor Authentication?


Multifactor Authentication is an additional barrier towards any attacker. With the traditional password security mechanism are not enough to secure our networks in today’s world. There are different vulnerabilities of this password protection.


As you know user information is stored in authentication databases. In other words, there are username and password lists in authentication servers. Storing all this information is not safe because if someone can reach these credentials, they can easily use these user credentials and access the systems. This is one of the vulnerabilities of this traditional password protection.


Another vulnerability of password protection is about password strings. Before, we were using weak passwords to access the network devices. Then, we have started to use strong passwords. These strong passwords can be enough to avoid any brute force attacks. But CPU capacities are increasing rapidly and this gives more capacity to brute force attacks. So, attackers can try millions of passwords per second.


Multifactor Authentication helps us to overcome these weaknesses. We can add additional security barriers beside password protection and by doing this, we can defend our network devices better.



Multifactor Authentication Factor


Multifactor Authentication Factor is the category of the credentials that can be checked during authentication.  So, what are the Multifactor Authentication Factors?


These Factors are given below:


  • Knowledge Factors
  • Possession Factors
  • Inherence Factors
  • Location Factors
  • Time Factors


Knowledge Factors are the factors related with user knowledge. This can be user password, security questions, security shape etc.


Possession Factors are the factors related with additional platforms. This can be a smart phone, your email, SMS etc. A second code is sent to one of these platforms.


Inherence Factors are the factors related with the body. This can be fingerprints, retina, iris, voice etc. With these identical parts, user can authenticate.


Location Factors are the factors related with your location. Location is determined by GPS. This allows authentication in specific locations.


Time Factors are the factors related with the access time. This allows authentication in specific times.



Back to: CCNA 200-301 v1.1 > Security Fundamentals

2 Responses to “Multifactor Authentication (MFA)”

Leave a Reply

Your email address will not be published. Required fields are marked *

CCNA 200-301 v1.1