MFA

Multi-factor authentication - an identity verification method requiring at least two independent factors: something you know, something you have, or something you are.

What is MFA?

MFA (Multi-Factor Authentication) is an authentication mechanism that requires a user to confirm their identity using at least two different factors. These factors fall into three categories: knowledge (password, PIN), possession (token, phone, hardware key) and biometric characteristics (fingerprint, face scan).

In practice, the most common combinations are password + code from a mobile app (e.g., Microsoft Authenticator), password + push notification on a phone, or password + FIDO2 hardware key. Each of these methods offers a different level of security - FIDO2 hardware keys are resistant to phishing, while SMS codes can be intercepted.

MFA is not a new concept, but its importance has grown sharply with the prevalence of credential-based attacks. According to industry data, over 80% of successful breaches of corporate systems begin with compromised or guessed passwords. MFA eliminates this attack vector, because a password alone is not sufficient to gain access.

Why does it matter?

Deploying MFA is one of the most effective and cost-efficient measures an organisation can take to protect its assets. A single password - regardless of its complexity - can be stolen through phishing, a keylogger, a breach of another service or a brute-force attack.

MFA is required or recommended by most security regulations and standards, including NIS2, DORA, ISO 27001 and CIS Controls. In a Microsoft 365 environment, enabling MFA should be the first step in securing the organisation.
