Weekly Deals

Enjoy great savings on select products. Shop and ship early for holiday delivery and get FREE shipping storewide.

Find a great deal each day.

Weekly Deals
Enjoy great savings on select products. Shop and ship early for holiday delivery and get FREE shipping storewide.

HP TECH TAKES /...

Exploring today's technology for tomorrow's possibilities
What is Multi-factor Authentication

What is Multi-factor Authentication?

Tulie Finley-Moise
|
Optimizing user experience comes in many shapes and forms, so when it comes to security, users want to know that their credentials are safe from any third-party cybercriminals. Multi-factor authentication is a combination of two or more independent credentials that establish a multi-layered security defense against unauthorized access.
Multi-factor authentication tackles the problem where a password isn’t enough to protect a device, network, database or secured location. A 2017 Verizon Data Breach Investigations Report [1] found that 81% of hacking-related breaches were enabled by weak or stolen passwords and that 75% of these breaches are executed by third-party outsiders.
In hopes of keeping private credentials safeguarded against hackers, multi-factor authentication and two-factor authentication have become the regular login procedure for popular consumer applications like Gmail, Facebook, and Twitter. But how does multi-factor authentication enhance security, and what is the difference between authentication and verification? Let’s dive into specifics.

What is multi-factor authentication and why is it important?

The digital age has made us more dependent on smart technology than ever before. From our classrooms and offices to our pockets and kitchen counters, our devices either go where we go or are stationed at our most frequented spaces. Our phones, computers, emails, and social media accounts all require passcodes for authorized entry, but sometimes those passwords aren’t sufficient.
People tend to gravitate toward easy passwords unless forcefully prompted to include numbers, capitalizations, and special characters. In addition to creating incredibly simple and hackable passwords, researchers at Virginia Tech University and Dashlane analysts found that 52% of consumers use the same password for a number of different services [2]. This means that if a hacker breaks through one account, accessing many others is then effortless.
Multi-factor authentication is the extra step needed after entering a password. This comes in a number of familiar forms you may not have even realized were multi-factor authentications. Single-factor authentication is the simplest of digital verification systems and has proven to be the most hackable. With the number of maliciously resourceful cybercriminals on the rise, multi-factor authentication has been on a steady and justified rise.

What are popular multi-factor authentication examples?

There are five different authentication factors that are enforced to strengthen identity verification; inherence, knowledge, possession, location, and time factors.

Inherence

Inherence factors require user biological traits to confirm authorized login. Facial recognition inherence authentication was one of the defining features of the Apple iPhone X. Fingerprint scanning is another common biometric authentication example found on computers, smart devices, and door locks. Other methods include voice recognition, retina, and iris scans.

Knowledge

Characterized by specific information known to a user, knowledge factors include usernames, passwords, PINs, and secret answers to security questions. This could be a debit card PIN number, or a complex password to access an email account.

Possession

Possession factors are tangible forms of login or entry credentials. A fob used to enter a building, a SIM card to access a wireless network, or an employee ID card are all common examples of possession factors.

Location

Smart devices are built with integrated GPS devices that understand your most frequented areas, so when an unauthorized person attempts to access your Facebook account from across the globe, you receive a notification for suspicious activity. So simply using your protected devices in your most frequented areas is an authentication factor.

Time

Typically referred to as a fourth factor, time is another background element that serves as an authentication factor. For example, completing a grocery shop in your local store will process as normal with your bank debit card, but if those same card credentials are used in France 20 minutes later, your bank will flag that attempt as fraud. It’s these logical security locks that help protect consumers from online bank scams.
Depending on what protected system you’re trying to access, the authentication factors will vary greatly. For example, a tenant living in a digital-secure building may need to enter a numerical code in addition to scanning a fob in order to enter their apartment. This would be considered a combination of a knowledge factor and a possession factor.

How does multi-factor authentication enhance security?

As per Verizon's Data Breach Investigations Report, the number of data breaches achieved by weak, hackable passwords has been on an alarming trend upward over the past three years. Multi-factor authentication aims to move away from simple single-factor authentication and complicate a hacker’s attempt to break in.
Multi-factor authentication enhances security by using confidential information only the original user knows. Beyond 7-character passwords, multi-factor authentication uses a number of authentication elements that supplement an otherwise unreliably simple log-in procedure.
In essence, unless the hacker has access to a fob, a PIN, or knows the answers to personal security questions, multi-factors provide necessary layers of security to prevent future breaches.

What is the future for multi-factor authentication?

Proving to be an excellent solution for business and individual users, multi-factor authentication’s future is a bright one. Financial institutions that offer online banking have already incorporated this fine-tuned security feature into their log-in process.
Popular consumer apps like Venmo and Paypal ask for additional information to supplement password entry. This step in the right direction will only benefit users and larger companies in the long-run and protect them against hackers.
One-time use tokens and time-based tokens have grown in popularity as well, and will likely continue to spread across the web. One-time-use tokens are used when logging in and to send a unique code to a phone via SMS or a unique link via email. These are common for password resets and identity verification processing.
Time-based tokens like Google Authenticator ensure that even if a user’s password is compromised, a hacker will still be barred from access because a time-based one-time password changes every 30 to 60 seconds.
At HP®, we aim to provide consumers with the highest grade of security to keep computers and tablets protected from unauthorized harm. HP SimplePass Fingerprint Reader utilizes inherence authentication factors to guarantee you, and only you can gain entry into your HP ENVY or HP Spectre laptop. Safety, guaranteed.

About the Author

Tulie Finley-Moise is a contributing writer for HP® Tech Takes. Tulie is a digital content creation specialist based in San Diego, California with a passion for the latest tech and digital media news.

Disclosure: Our site may get a share of revenue from the sale of the products featured on this page.

More about these products
Disclaimer

Prices, specifications, availability and terms of offers may change without notice. Price protection, price matching or price guarantees do not apply to Intra-day, Daily Deals or limited-time promotions. Quantity limits may apply to orders, including orders for discounted and promotional items. Despite our best efforts, a small number of items may contain pricing, typography, or photography errors. Correct prices and promotions are validated at the time your order is placed. These terms apply only to products sold by HP.com; reseller offers may vary. Items sold by HP.com are not for immediate resale. Orders that do not comply with HP.com terms, conditions, and limitations may be cancelled. Contract and volume customers not eligible.

HP’s MSRP is subject to discount. HP’s MSRP price is shown as either a stand-alone price or as a strike-through price with a discounted or promotional price also listed. Discounted or promotional pricing is indicated by the presence of an additional higher MSRP strike-through price

The following applies to HP systems with Intel 6th Gen and other future-generation processors on systems shipping with Windows 7, Windows 8, Windows 8.1 or Windows 10 Pro systems downgraded to Windows 7 Professional, Windows 8 Pro, or Windows 8.1: This version of Windows running with the processor or chipsets used in this system has limited support from Microsoft. For more information about Microsoft’s support, please see Microsoft’s Support Lifecycle FAQ at https://support.microsoft.com/lifecycle

Ultrabook, Celeron, Celeron Inside, Core Inside, Intel, Intel Logo, Intel Atom, Intel Atom Inside, Intel Core, Intel Inside, Intel Inside Logo, Intel vPro, Itanium, Itanium Inside, Pentium, Pentium Inside, vPro Inside, Xeon, Xeon Phi, Xeon Inside, and Intel Optane are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

In-home warranty is available only on select customizable HP desktop PCs. Need for in-home service is determined by HP support representative. Customer may be required to run system self-test programs or correct reported faults by following advice given over phone. On-site services provided only if issue can't be corrected remotely. Service not available holidays and weekends.

HP will transfer your name and address information, IP address, products ordered and associated costs and other personal information related to processing your application to Bill Me Later®. Bill Me Later will use that data under its privacy policy.

Microsoft Windows 10: Not all features are available in all editions or versions of Windows 10. Systems may require upgraded and/or separately purchased hardware, drivers, software or BIOS update to take full advantage of Windows 10 functionality. Windows 10 is automatically updated, which is always enabled. ISP fees may apply and additional requirements may apply over time for updates. See http://www.microsoft.com.

HP Rewards qualifying and eligible products/purchases are defined as those from the following categories: Printers, Business PCs (Elite, Pro and Workstation brands), select Business Accessories and select Ink, Toner & Paper.