Multi-factor authentication (MFA)

Multi-factor authentication (MFA) secures login with at least two independent factors, such as a password plus a one-time code, instead of a password alone.

What is multi-factor authentication (MFA)?

Multi-factor authentication (MFA) requires at least two independent proofs from different categories at login: knowledge (password), possession (smartphone, token) or biometrics (fingerprint). A stolen password alone is then not enough.

What factors are there?

  • Knowledge: password or PIN
  • Possession: one-time code (TOTP), passkey or hardware token
  • Inherence: biometric features such as a fingerprint

Why does MFA matter?

Most attacks on accounts rely on stolen or weak passwords. MFA reduces this risk significantly and is part of many security requirements such as NIS2.

How SecureCloud implements MFA

SecureCloud supports multi-factor authentication as part of Advanced Access Management, including one-time codes (TOTP), passkeys and email OTP, combined with role-based access control.

Frequently asked questions

What is the difference between MFA and 2FA?

Two-factor authentication (2FA) uses exactly two factors and is a special case of multi-factor authentication (MFA), which requires two or more factors.

Is MFA required for the GDPR or NIS2?

MFA is a recognised technical measure for protecting access. Frameworks such as the GDPR and NIS2 require appropriate measures, for which MFA is an important building block.

Which MFA methods are considered secure?

Passkeys and app-based one-time codes (TOTP) are considered particularly secure. SMS codes are considered weaker because they are easier to intercept.

Erfahren Sie mehr!

Unsere Experten beantworten Ihnen gerne alle Fragen.

Elevating business.