You keep using that word. I do not think it means what you think it means.
My favorite quote from my favorite princess movie. “Inconceivable!”
It’s what I want to say when I get the typical questions about multi-factor authentication.
- What license do I need for multi-factor authentication?
- How do I enable multi-factor authentication?
- How does multi-factor authentication work?
The problem with multi-factor authentication is that it isn’t a product you can buy and deploy. Multi-factor authentication is a concept. It is an approach to authentication.
Authentication is how you prove the identity you are providing is really your identity. How you prove your identity typically falls into 1 of three categories, also called factors
- What you know
- What you have
- What you are
Each one is an authentication factor. Think about your house or apartment:
- Something I Have: Using a key to unlock the door
- Something I Know: Using a pin to open the garage door
- Something I Am: Having a guard dog inside the house (The dog will prove my identity based on sight and smell).
If I use a PIN to open my garage door, then a key to open the door and pet my dog when I get home I just used multi-factor authentication to access my house. I used something I know (PIN) with something I have (key) with something I am (dog).
A year ago, I was in Milwaukee for a local CUGC meeting. A friend took me to The Safe House (a really fun spy-themed bar). To get in, I had to show my ID (something I have) and I had to give them the passphrase (something I know). The Safe House uses multi-factor authentication.
As you see, multi-factor authentication is a concept of combining multiple factors to give you access.
What we will see in future blogs is that some forms of authentication automatically combine multiple factors while others provide a single factor requiring you to string different authentication options together to provide multi-factor authentication.
Authentication Blog Series: