• English
    • Français
    • Deutsch
    • 日本語
    • Español
    • Svenska
  • Contact sales
  • Reseller locator
  • English English English en
  • Français Français French fr
  • Deutsch Deutsch German de
  • 日本語 日本語 Japanese ja
  • Español Español Spanish es
  • Svenska Svenska Swedish sv
Yubico
  • Why Yubico
    • For business
    • For individuals
    • For developers
  • Products
    • YubiKeys
    • YubiHSM
    • YubiEnterprise services
    • Services & software
    • Works with YubiKey
    • Find the right YubiKey
  • Solutions
    • Use Cases
      • Remote Workers
      • Passwordless
      • Microsoft 365
      • MFA modernization
      • Account takeovers
      • Compliance
      • Privileged users
      • Mobile restricted environments
      • Call centers
      • Secure password managers
    • Industries
      • Technology
      • Financial services
      • Cryptocurrency
      • Retail
      • Federal Government
      • State and Local Government
      • Elections and Political Campaigns
      • Education
      • Healthcare
  • Resources
    • Getting Started
    • COVID-19 Resources
    • White papers
    • Webinars
    • Product briefs
    • Case studies
    • Infographics
    • Yubico blog
    • Authentication standards
    • Videos
    • Developer program
    • Cybersecurity Glossary
  • Company
    • About us
    • The team
    • Innovation history
    • Careers & culture
    • Press room
    • Contact us
    • Partners
    • Events
    • Our customers
    • Free Speech program
    • Affiliate program
  • Support
    • Support services
    • Professional Services
    • Set up your YubiKey
    • Help
    • Documentation
    • Downloads
    • Buying and shipping
    • Security advisories
  • 
      • X
        Quick Links
        Find the Right YubiKey Set Up Your YubiKey Contact Us
        Knowledge Base
      • Search Yubico
  • Search
Store
Light blue multi factor authentication device

Multi-factor authentication (MFA) explained

What is multi-factor authentication?

Multi-factor authentication (MFA) can greatly enhance security while delivering a positive user experience. MFA is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence, or factors, to an authentication mechanism.

  • Something user knows
  • Something user knows
  • Something user has
  • Something user knows
  • Something user has
  • Something user is

4x breaches

Breaches have quadrupled in last four years costing the global economy $2.1 trillion in 2019.

2+ factors

By requiring 2 or more factors for verification, MFA provides the strongest security.

$5.2M lost

The average company loses $5.2M annually in weak password-related accounts lockouts.

* The 2019 State of Password and Authentication Security Behaviors Report, Ponemon Report, 2019

Types of multi-factor authentication

You have probably used multi-factor authentication (MFA) before without realizing it. The bank has higher confidence because a wallet thief cannot drain your account unless they also know your PIN. MFA is a way for the service you use to authenticate your identity, by asking you to present two or more pieces of evidence (factors) during the login process.

Biometrics

Biometrics such as voice recognition or fingerprint scans.

Magnetic stripe cards

Cards that contain data such as identification numbers written on magnetic storage media. May include other security features such as an employee id card with a photo on the front.

Security keys

A hardware authenticator that provides physical proof that the user is present when they touch the key.

Security tokens/
mobile devices

Hardware such as a USB device or mobile phone that generates time-synchronized tokens based on a shared key with an authentication service.

Challenge/response

Answers to challenge questions that may include personal information such as “Your favorite sport.” or “Your first car.”

Smart cards

Cards that have embedded computing capabilities that typically include authentication credentials such as public key certificates.

Multi-factor authentication
raises the bar for security

Experience multiple layers of protection

Users who are security savvy and want the highest levels of security for sensitive resources or transactions opt for multi-factor authentication as the barrier to entry is the most stringent. A user has to supply several pieces of information before gaining access to their accounts.

Protect high assurance transactions

For certain transactions, using strong single factor authentication may provide sufficient security. However for high assurance transactions, such as filling a prescription, or making a high dollar value transaction, a user may need to be verified more strongly. Multi-factor authentication with a PIN will strongly assure the identity of the user.

Ensure strong compliance

For organizations in regulated industries, there is a need to meet stringent compliance regulations and compliance regulations such as PCI and HIPAA. Using a multi-factor authentication approach with solutions that meet the highest levels of assurance, such as NIST Assurance Level 3 (AAL3) assures authorized access.

Find your YubiKey
Take the quick Product Finder Quiz to find the right key for you or your business.
Let’s start
Set up your YubiKey
The YubiKey works with hundreds of services and software applications. We're here to guide you getting started whether for personal or business use.
Shop now

Say hello to the YubiKey, goodbye to account takeovers.

Contact Sales
Buy Online

Find
Take product finder quiz

Set up
Find set-up guides

Buy
Buy online
Contact sales
Find resellers

Stay connected
Sign up for email

RSS FeedTwitterLinkedInFacebookInstagramYoutubeGithub

Products
YubiKeys
YubiHSM
YubiEnterprise services
Services & software
Works with YubiKey
Find the right YubiKey

Why Yubico

For personal use
For businesses
For developers
Solutions
Remote Workers
Passwordless
Microsoft 365
Call centers
Cryptocurrency
Financial services
Federal Government
State & Local Government
More…
Resources
Getting Started
COVID-19 Resources
White papers
Webinars
Case studies
Product briefs
Infographics
Yubico blog
Authentication standards
Videos
Developer program
Company
About us
Trust in Yubico
The team
Innovation history
Careers & culture
Press room
Contact us
Partners
Events
Our customers
Affiliate program
Support
Support services
Professional Services
Set up your YubiKey
Knowledge base
Documentation
Downloads
Security advisories

Cookies Legal Trust Privacy Terms of Use

Yubico © 2021. All Rights Reserved.

We use cookies to ensure that you get the best experience on our site and to present relevant content and advertising. By browsing this site without restricting the use of cookies, you consent to our and third party use of cookies as set out in our Cookie Notice.
Accept Settings
Yubico Privacy and Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Uncategorized

Undefined cookies are those that are being analyzed and have not been classified into a category as yet.

Analytics

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Advertisement

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Performance

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

Preferences

Preference cookies are used to store user preferences to provide content that is customized and convenient for the users, like the language of the website or the location of the visitor.

Functional

Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.

Save & Accept
Scroll to top