Q. What is Multi-Factor Authentication? how is it different from password authentication?
A. Multi-Factor Authentication (MFA) is an authentication method that verifies a user's identity by using a combination of multiple factors with different characteristics.
There are three types of factors commonly used in Multi-Factor Authentication (MFA):
- Knowledge factors – Information the user knows, such as passwords, PIN codes, or answers to security questions
- Possession factors – Items the user has, such as a mobile phone, hardware token, or IC card
- Biometric factors – Physical traits of the user, such as fingerprints, vein patterns, or voice recognition
For a long time, authentication using just an ID and password—known as single-factor authentication—has been widely used. However, this method carries risks, such as unauthorized access through identity theft.
Multi-Factor Authentication (MFA) enhances security by requiring a combination of different types of authentication factors. Even if an ID and password are leaked, a malicious third party cannot easily sign in, because additional verification—such as possession of a registered device or biometric authentication—is required.