What are the benefits of Multi-factor authentication??

The concept of identity in the prevalent conventional identity systems that deal with only labels/attributes/characteristics – “What you have”, “What you know” and “What you are”, totally ignore the most relevant concept of “Who you know” – which is how humans establish trusted relationships. 

All things considered, are you sure you can trust such a website that asks for your login credentials?

The process for identification / authentication

1. must be tightly integrated with a given/underlying identity representation
2. must necessarily have a priori access to the identity data that is to be identified / authenticated
3. must necessarily authenticate all identifying/authenticating parties (entities) – preferably simultaneously

These are simple (minimal) properties that any identity/authentication system must possess. Some of them are straightforward while some may not be seem obvious.

Let us now visit some of the prevalent identification/authentication processes in light of the above properties -

• Login/Password – satisfies 1 and 2 above
• Digital Certifications/SSL – does not satisfy 2 and 3, and hence, should NOT be used for authentication
• Hardware/Software Tokens (and OTPs) – satisfy 1 and 2 but do not satisfy 3

Please note that even the use of multi-factors satisfy only properties 1 and 2 and not the property 3

I feel that with phishers, hackers, and scammers all along, there are so many ways to capture a user password in todays scenario, so multi-factor authentication is a way to secure the data with more than just a single username and password. If that username and password is compromised by any means, then the attacker will still need additional information to access the confidential data or website. With multi-factor authentication, It can be a security question or code request also, Like once a user logs in with their username and password, the website also asks them for their mothers name or some question for which only the user knows the answer, which they entered when originally setting up their account. This additional prompt can hinder an attackers attempt at accessing their account. Should they already know the username and password, they will also need to know the user mother’s name or that answer for that matter as well.

This is some sort of trend that has happened in the security arena for organizations and Biometrics is leading the way.  Biometrics is the use of some type of scan mechanic on the user’s body such as a finger print or eye retina. But with  adding multi-factor authentication where the second factor of authentication is something specific to that user adds a much deeper level of authentication which is much more secure. Adding a layer of security that is something of “what the user knows”, or “who the user is”, which makes it hard for someone other than that user to access the data.