MFA
MFA requires users to provide two or more verification factors from different categories — something you know, something you have, or something you are — before being granted access.
⚙️ How Does It Work?
After the user enters their password, the system prompts for a second factor: an OTP from an authenticator app, a push notification, a hardware token, or a biometric scan.
📍 Where Is It Used?
Every enterprise environment — required by most compliance frameworks, cyber insurance policies, and cloud providers for privileged access.
💡 Real-World Example
A company mandates MFA for all VPN logins after a credential stuffing attack. After implementing push notifications, stolen passwords alone become useless — attack success drops to zero.
🔗 Related Terms
Stay Ahead in Identity Security
Get weekly IAM, PAM & IGA insights via Identity Pulse.
Subscribe to Identity Pulse →