Multi-Factor Authentication
Authentication is understood as proof of a given identity to a computer system. When logging in, the combination of username and password has been the most common method for authenticating a user for some time. It is still the most widely used one-factor authentication for proof of identity.
Multi-factor authentication (MFA) is proof of a user's identity with more than one factor (e.g. password + one-time password (OTP) or password + fingerprint + security token).
Access by employees with mobile devices and via public WLANs to the company network is now the norm, as is the opening of company applications for customers and business partners. However, as more and more content is made available for digital interactions, the risks and dangers of cyberespionage and cybercrime are also growing.
Companies are reacting to this today with stricter – sometimes too rigid – guidelines for the authentication process. This is not only complicated, user-unfriendly and expensive, but also only offers limited flexibility and security.
On the one hand, flexible authentication is about allowing users to use the authentication mechanism of their choice, as far as it is appropriate from a security perspective. It is no less important to be able to introduce strong authentication mechanisms for new applications that are manageable in terms of costs and logistics. Furthermore, all authentication factors used should be able to be integrated into the authentication process and be subject to the same control, regardless of whether they are old or newly introduced devices/factors.
Security solutions that require a comprehensive security procedure for access to applications and systems often make day-to-day work more difficult for employees and lead to a loss of productivity. The use of user-friendly and scalable multi-factor authentication techniques (MFA) is essential.
Depending on the requirements, a wide variety of solution scenarios are conceivable - for example by combining a password with a security token for a single sign-on solution. The user only has to remember one password for all applications; however, by combining it with a security token, an additional level of security is gained.
