Multi-Factor Authentication for beginners

Yasara Yasawardhana
Jul 10, 2019

Hello folks! If you are confused by the term “multi-factor authentication”, you are in the right place to get it resolved!

Let’s get started. What do we mean by “multi-factor authentication”?

“Multi-factor authentication (MFA) is an authentication method in which a computer user is granted access to some resource store which the user desires to access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is).”

This is what Wikipedia says about multi-factor authentication.

If you are not in the mood to read and understand long, overly technical explanations, let me break this down into a real-life scenario :D

First, let’s see what authentication really is…

This is a hotel, and there’s an evening party here every day. But the hotel permits only the invitees into the party. At the entrance, the security officer asks a security question, and only those who give the correct answer are allowed in. So only the invitees know the correct answer :D

Hence they are “authenticated” as invitees to the party and are allowed in from the entrance.

In brief, authentication is the process used to distinctly identify a certain entity. In our case, it’s verifying from the security question whether a person is an invitee to the party or not.

This can be done using any of the following:

  • Knowledge factor (something the user knows), such as a password or security questions.
  • Ownership factor (something the user has), such as an identity card, mobile phone, or security token.
  • Inherent factor (something the user is/does), such as biometrics.

Now that you know about authentication, let’s get back to our topic, “multi-factor authentication.”

This is John. He wanted to attend this party, but he was not an invitee. So he secretly listened behind the entrance door, and he was finally able to learn the security question. So he was allowed in and he could enjoy the party :0

Once the hotel realized that the number of people who had attended the party that day had increased by one, the security officers were advised to check the invitees’ identity cards along with the security question, and to check them against the name list of invitees.

The next day, John went to the hotel again to enter the party in the same way. But at the entrance, after he answered the security question, he was asked to provide his ID. He was not identified as an invitee to the party, so he was not allowed in.

Hence the authentication process of the hotel has now become stronger and more reliable: although one factor was compromised when John learned the security question, he still couldn’t attend the party the next day, as he had another barrier to breach!

So this is John walking away from the hotel, frustrated.

This is a case of multi-factor authentication. John couldn’t enter the party once multi-factor authentication was implemented. In the above scenario, when authentication with the security question alone was not secure enough, the hotel took measures to check the IDs of the invitees as well. Hence it’s 2-factor authentication.
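The same two checks in software, as an added example that is not part of the original post: the security question becomes a password (knowledge factor) and the ID card becomes a time-based one-time code from a token or phone app (ownership factor, RFC 6238 TOTP). The account fields, function names and sample values are assumptions made for illustration.

```python
import hashlib, hmac, struct

def totp(secret: bytes, at: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based code (HMAC-SHA1), as shown by a token or phone app."""
    counter = struct.pack(">Q", int(at // step))
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    """Only a slow, salted hash of the knowledge factor is stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def make_account(password: str, salt: bytes, totp_secret: bytes) -> dict:
    """Hypothetical account record; the field names are assumptions."""
    return {"salt": salt, "pw_hash": hash_password(password, salt),
            "totp_secret": totp_secret}

def verify_login(account: dict, password: str, code: str, now: float) -> bool:
    """Grant access only when BOTH factors verify."""
    knows = hmac.compare_digest(hash_password(password, account["salt"]),
                                account["pw_hash"])
    # Accept the previous, current and next 30-second step for clock drift.
    has = False
    for drift in (-1, 0, 1):
        expected = totp(account["totp_secret"], now + drift * 30)
        has |= hmac.compare_digest(expected.encode(), code.encode())
    # Both checks always run, so the result does not reveal which one failed.
    return knows and has

if __name__ == "__main__":
    # Constructed sample data: RFC 6238 test secret, made-up password and salt.
    acct = make_account("party-answer", b"constructed-salt",
                        b"12345678901234567890")
    now = 59  # fixed timestamp so the run is reproducible
    invitee_code = totp(acct["totp_secret"], now)
    print("invitee:", verify_login(acct, "party-answer", invitee_code, now))
    # John overheard the password but has no token, so he has no code to give.
    print("John:   ", verify_login(acct, "party-answer", "", now))
```
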

Originally published at https://medium.com on July 10, 2019.

Written by Yasara Yasawardhana

Software Engineer @ WSO2 | ENTC @ University of Moratuwa