5 Multi-Factor Authentication Examples

Multi-Factor Authentication
<img src="https://images.squarespace-cdn.com/content/v1/5d3a0abcf7bd0a0001f0b5e8/468687d1-f238-4b05-a0af-66a40051cf70/Multi-Factor-Authentication-Examples.jpg" alt="Multi-Factor Authentication Examples" />

Multi-factor authentication isn't new. In fact, you've probably been using multi-factor authentication for most of your life.

What is new is an increased emphasis on multi-factor authentication services and single-sign-on practices in the real world. Today, most companies are under constant siege by security threats. The best and easiest way to protect today's networks is through multi-factor authentication and single-sign-on.

However, before you do that, you need to understand how it works.

Let's take a look at some of the most common multi-factor authentication examples.

1. Logging into Your Bank Account

Let's say you're logging into your bank account through your web browser on your PC. You're asked for a login name and password. You click to log in. Your bank says it doesn't recognize your device. It sends you a confirmation code to your phone. You enter the confirmation code and you're logged in.

How many factors of authentication was that?

  1. Your login information.
  2. Your device.
  3. Your phone number.

You might think you just used two-factor authentication. In fact, banking systems are one of the best examples of multi-factor authentication — and it occurs almost without notice.

Your bank doesn't just identify your login information (what you know) and your phone (what you have). Your bank is also seeking to identify you over the internet — by seeing what device and location you're accessing the website from.

If your device and location don't match, then the system prompts you for more information. If you connect with a PC in Alabama and then a laptop in California the next day, the bank wants to know why.

This highlights the fact that multi-factor authentication can be very intuitive to a user — so intuitive, in fact, that it's almost invisible.

2. Connecting to the IRS

If you've ever had to log into the IRS website to get tax documents, you would have seen one of the simplest examples of multi-factor authentication.

First, you log in with your username and password. Then, you verify your phone number or email address. Finally, you answer a secret question that you've set. These are three factors in total.

Now, there's some crossover between what you have (username and password) and who you are (the secret question). In effect, the secret question could be seen as another type of password.

But that's just because biometric authentication and controls tend to be a little more challenging over the internet. Regardless, having a multi-stage, multi-factor authentication system is inherently more secure.

While someone may have a list of login names and passwords, it's far less likely that they have an associated list of secret questions.

Multi-Factor Authentication Examples
<img class="sqs-image-min-height" src="https://images.squarespace-cdn.com/content/v1/5d3a0abcf7bd0a0001f0b5e8/f0768995-53d7-418f-bd33-ab8cdc6db111/Multi-Factor-Authentication-Example.jpg" alt="Multi-Factor Authentication Examples" loading="lazy"/>

3. Logging into Proprietary Software

You're logging into an expensive, professional 3D design solution. You enter your username and password. The software system verifies that it's being used on a known computer. And then you clip in your USB dongle. You have entered into a multi-factor authentication system — one that is commonly used for piracy protection.

Expensive proprietary solutions already use multi-factor authentication. You need to log into the right account with the right subscription. You can't use the solution on multiple devices, so it checks to see "who you are." And finally, it checks for a physical support dongle — a USB that contains a unique key. Without that dongle, you can't use the solution.

It's perhaps not surprising that both two-factor authentication and multi-factor authentication have been most often used to protect software from piracy. Years before it became common in even the banking industry, it was being used to protect software from being stolen.

4. Using an ATM

An ATM asks you for your debit card and then your PIN. Without either, you can't withdraw money. But is that really multi-factor authentication?

It is, for two reasons. First, you might actually be using three-factor authentication, even if you don’t know it. The ATM asks for your debit card and your pin. But many modern ATMs are also recording your face. While it's not able to deny you on the basis of your biometric authentication, this can be used to verify your identity in the future.

Second, MFA doesn't have to be "three or more," it's just commonly used in that sense. Multi-factor authentication encompasses rather than exceeds two-factor authentication. Two-factor authentication is still a form of multi-factor authentication. Multi-factor authentication simply has the potential for being more.

5. Using a Credit Card Online

Have you ever wondered why you need to enter so much information in for your credit card? Each of them is a separate authentication factor.

First, there's the credit card number, which identifies the card. Then there's the verification code, which is used to verify that you physically have the card; it's on the back to hide it. The expiration date is yet another factor that ensures you have the physical item in front of you.

So, next time you reach for your wallet, consider that you're reaching for a physical item because the thing you "knew" (your saved credit card number) wasn't enough to use your credit card.

Using MFA

At this point, you likely see that you've been using multi-factor authentication the entire time. But you didn't realize it. And that's an important part.

The easier it is to use an authentication service, the more likely people are to remain secure. When authentication services aren't easy to use, people attempt to work around them. They attempt to defeat them. They want to do their job and they want to do it quickly. This can lead to bad security decisions.

Single-sign-on, especially as-a-service, is valuable to companies because it makes the process of implementing and managing multi-factor authentication services that much easier. The easier it is to use, the more adoption grows.

There are many different options for MFA, but no one single silver bullet. Businesses will need multiple solutions. Deploying and managing this patchwork can be complex, which is why it’s essential to work with a partner like Axiad. You can learn more about the advantages of SSO and MFA by connecting with us today.