Multi-factor authentication (MFA)

Multi-factor authentication (MFA) is a security procedure that requires users to log in with at least two different factors. In addition to a password, a further proof is required, e.g. a code on the smartphone.

What does MFA mean in detail?

MFA combines different types of evidence:

  • Knowledge (e.g. password)
  • Possession (e.g. smartphone or token)
  • Inherence (a physical characteristic, e.g. fingerprint)

Even if a password is stolen, an unauthorized person cannot log in without the second factor. MFA is therefore one of the most effective measures against unauthorized access.

Where do I come across this issue in my day-to-day work?

  • When logging into email inboxes or cloud services
  • When accessing company systems on the move
  • For online banking or other sensitive applications

What can I do to improve my security?

  • Activate MFA wherever it is offered
  • Never pass on confirmation codes
  • Be alert to unexpected login requests

Practical example from everyday work

Imagine an employee logs into her email inbox in the morning.
She enters her password as usual (knowledge). She then receives a request on her smartphone (possession), which she has to confirm with a click.

One day, her password is intercepted by a phishing email. A stranger then tries to log into her email account.
Although the password is correct, the login fails – because the attacker is unable to carry out the second confirmation on the smartphone.

Instead, the employee receives an unexpected login request on her smartphone and immediately realizes that something is wrong. She reports the incident to IT and changes her password.

Note: Unauthorized access was successfully prevented by MFA.