MFA is an electronic authentication method used to ensure only authorised individuals have access to specific systems or data. A user is required to present two or more factors – these factors being 1) something you know, 2)something you have, or 3) something you are. Something you know may include your password or a pin code. Something you have may include a physical device such as a laptop, mobile device that generates a unique code or receives a voice call or a text message, a security token (USB stick or hardware token), ora unique certificate or token on another device. Something you are may include biometric identifiers.
Note that the following are not considered secure second factors: a shared secret key, an IP or
MAC address, a VPN, a monthly re-authentication procedure, or VOIP authentication.