CS406: Information Security

Multi-factor authentication is an approach to authentication which requires two or all of the three authentication factors. Multi-factor authentication can drastically reduce the chance that an attacker accesses a protected resource or account because the victim's password would no longer be enough to give the attacker access to that resource. A common example of this is single-use passwords used by many web services. A user can request a single-use password, which will be forwarded to the user's mobile phone or another device so the device is needed in order to obtain the password. This involves both the ownership and knowledge factors.