Multi-factor authentication

Multi-factor authentication is a security measure that requires two or more proofs of identity to grant you access.

A security measure that requires two or more proofs of identity to grant you access

Multi-factor authentication (MFA) typically requires a combination of something the user knows (pin, secret question), physically possesses (card, token) or inherently possesses (finger print, retina).

diagram of two factor showing log in screen plus second factor equals access

Significantly more powerful security

The multiple layers make it much harder for criminals to attack your business. Criminals might manage to steal one proof of identity e.g. PIN, but they still need to obtain and use the other proofs of identity. Two-factor authentication (2FA) is the most common type of MFA.

    Accessing important internal and external accounts

    Small businesses should implement MFA wherever possible. Some MFA options include, but are not limited to:

    • Physical token
    • Random pin
    • Biometrics/ fingerprint
    • Authenticator app
    • Email
    • SMS
    Icon for ReportReport a cyber security incident for critical infrastructure Icon for becoming a alertsGet alerts on new threatsAlert Service Icon for becoming a partnerBecome anACSC partner Icon for reportingReport a cybercrime or cyber security incident
    Authorised by the Australian Government, Canberra