What is Multifactor Authentication

You have probably heard it said before or maybe even read about, but what actually is Multifactor Authentication (MFA) and how do you use it? According to our friends at CISA (Cybersecurity and Infrastructure Security Agency, multifactor authentication is, “a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user’s identity for login.”

In simpler terms

Multfactor Authentication means you need more than just your username and password to access your accounts. This extra authentication step helps ensure that it is you who is accessing your account and not a cybercriminal. While a cybercriminal can crack your username and passwords, without having access to the extra step, they cannot gain access to your account.

The basic breakdowns 

Often times cybersecurity professionals will describe multifactor authentication this way:

• Something you know, like your username and password
• Something you have, like your mobile phone or smartphone or USB key
• Something you are, like your finger/thumb print, face, or voice

Utilizing MFA means you need to use, at minimum, two out of those three categories, all depending on the level of security you need. Below are three pretty common MFA processes that you may be familiar with:

1. Enter in your username and password at the login page (something you know)
2. The login now sends you an expiring passcode to your smartphone (something you have)
3. Enter in the expiring passcode on the login page
4. You can now log in

1. Enter in your username and password at the login page (something you know)
2. You receive a push notification on your smartphone requesting approval or denial of a login attempt on your account (something you have)
3. Select “Approve” on your smartphone (something you have)
4. You can now log in

Or lastly, it may look something like this:

1. Enter in your username and password at the login page (something you know)
2. Open an authenticator app on your smartphone and enter the expiring 6 digit code (something you have)
3. You can now log in

As you can see there are multiple ways to use MFA and these are only three examples of how you can implement it.

To learn more about the Michigan SBDC and our other services check out Our Services page today!