You may not realize it but you have probably used multifactor authentication already in your daily life. Have you made a purchase with a credit card and entered your zip code after the card was swiped? This is a form of two-factor authentication; the credit card itself was the first form and the pin code was the second.
Multifactor authentication or MFA adds an extra layer of security to your login procedure. A normal login requires you to enter your username and password, this is known as single factor authentication. MFA makes your account more secure because it requires an additional type of authorization.
There are three different potential types of credentials; something you know, something you have, and something you are. An example of something you know would be for example a personal identification number (PIN). Something you have would be an ATM card, an application on your phone, or a fob. Lastly, something you are would be a biometric such as a fingerprint, or a scan of your face.
The extra time spent using two-factor authentication is well worth it as it is far more secure than just single authentication. Multifactor authentication is becoming very common and popular vendors such as Google, Apple, Facebook, Twitter and Dropbox all use multifactor authentication.
In a business setting this may cause a huge headache though since employees often need to access many different systems and applications. To avoid a headache MFA can be used in conjunction with Single Sign-On (SSO), so that users don’t have to complete this process for each system or application they need to access.
With SSO once end-users have confirmed their identity using for example a smart card and PIN code, the required applications are loaded, and they will be logged in by the SSO solution automatically. This allows for employees to have the benefit of additional security without the headache of completing the login process for each system or application. Additional security can be added by configuring SSO so that if the user walks away and the workstation locks, other users will not be able to log in.