Multi-factor authentication is a security model to identify a user and grant them access only after successfully presenting two or more different pieces of evidence (factors) to a particular authentication mechanism.  A user provides something they know (a password) with something only the user possesses – like their cell phone.

The most common form of two-factor authentication that most everyone can relate to is using the ATM machine to withdraw money.  The user provides something they possess (bank card) and something they know (pin number) to the machine.  Once they successfully authenticate with both factors, they are able to access their account.

This type of authentication is quickly supplementing the traditional username and password to make sure resources are more secure.  While two-factor authentication adds an extra step to your authentication process, it is designed so that it’s still very easy to use for an end user.

Some frequent implementations of two factor that are used are:

  • SMS
  • Push notification
  • Phone call
  • USB Key has been implementing Duo Security for two-factor security, which is a trusted, best in class, cloud hosted platform for organizations of all sizes.  Some great use cases are protecting Microsoft Exchange server, Office 365, Remote Access, as well as insight into mobile devices (BYOD) that are being used on your network.  Implementing Duo security does not require major modifications to your existing infrastructure and can be completed in a modest amount of time.