Multi-Factor Authentication (MFA) Documentation

Best Practices for Multi-Factor Authentication (MFA)

Creating Geo-Location/Fencing and Log-On Event Policies

What are the Basic, Advanced and Authentication Methods?

  1. Basic Authentication - Username/Password
  2. Advanced Authentication - Every other Authentication Method but Username/Password
  3. Authentication Methods - Forms of Authentication used to verify your identity for log in (Short list)
    1. Username/Password
    2. Facial Recognition
    3. Fingerprints
    4. USB Key
    5. Smart Card
    6. Text -Short Message Service (SMS) One Time Password (OTP)
    7. eMail - One Time Password (OTP)
    8. Voice - One Time Password (OTP)
    9. Voice
    10. Internal PKI Certificate
    11. Questions
    12. Smart phone/Fob - Random Number Generator (RNG)
    13. Retina Scan
    14. OAuth
    15. Radius
  4. Multi-Factor Authentication (MFA)
    1. When more than one Authentication Method is used for log in
      1. Examples
        1. 2 Factor - Username/Password + Fingerprints
        2. 3 Factor - Username/Password + Smart Card + Retina Scan
        3. X Factor - Chain as many methods together based on sensitivity of data and level of access
      2. X Factor info
        1. Usually maximum 10-12 methods available in vendor products
        2. Not recommended to use more than 4 methods at once for access - You want to verify their Identity not their life story!
        3. Best Practices - Using Authentication Methods based on
          1. Something you know - Password, code, etc..
          2. Something you have - Smart Card, Smart Phone, USB Key, etc..
          3. Something you are - Fingerprint, Retina, Facial, etc.
SSO MFA Authentication Architecture