Multi-factor authentication

Technique summary

Technique: Multi-factor authentication (MFA, sometimes 2FA)
Against: Clipboard attack, SMS attacks
Limitations: None
Side effects: None
Recommendations: Recommended for use

Multi-factor authentication (MFA), or two-factor authentication (2FA), is an authentication method in which a user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism. For example, the two factors can be the user's password and a one-time password generated with a third-party authenticator app.

A third-party authenticator (TPA) app enables two-factor authentication, usually by showing a randomly generated and frequently changing code to use for authentication.

To make MFA resilient to SMS attacks, none of the factors should be an SMS text received on the user's device.

Note that the TPA can still be vulnerable to other attacks, such as malicious accessibility services.

Guardsquare
