Definition

authentication factor

Ivy Wigmore

By

Ivy Wigmore

What is an authentication factor?

An authentication factor is a category of credential that is intended to verify, sometimes in combination with other factors, that an entity involved in some kind of communication or requesting access to some system is who, or what, they are declared to be.

Each category of credential is considered a factor. For example, usernames and passwords are the same type of factor, so their combined use is single-factor authentication (SFA), despite the fact that there are two elements involved.

Types of authentication factors

The three categories of authentication factors are generally broken down as:

Knowledge factors. A knowledge factor is something you know, such as a username and password.
Possession factors. A possession factor is something you have, such as a smart card or a security token.
Inherence factors. An inherence factor is something you are. This includes biometric factors such as a fingerprint, voice or iris pattern.

Graphic of various biometric authentication options — Biometric factors range from biometric scans to voice recognition to iris scans.

SFA vs. 2FA vs. 3FA vs. MFA

SFA is based on one category. The most common SFA method is a username and password combination (something you know). The security of SFA relies to some extent on the diligence of users. Best practices for SFA using passwords include selecting strong, unique passwords and not reusing passwords across accounts.

Systems and networks that contain sensitive data should use more than one authentication factor.

Two-factor authentication (2FA) uses two of the three categories. 2FA often includes a username-password combination, in addition to a security token, such as a key fob or smart card, a PIN or biometric, such as a fingerprint scan.

Three-factor authentication (3FA) requires the use of credentials from each of the three categories. An example of 3FA would be entering a PIN (something you know) to unlock your smartphone (something you have) and then supplying an iris scan (something you are) to finalize authentication.

Multifactor authentication (MFA) involves two or more independent credentials for more secure transactions. Like 2FA or 3FA, MFA can involve something you know, something you have and something you are.

Editor's note: This article was originally written by Ivy Wigmore. It was republished in March 2023 to improve the reader experience.

This was last updated in March 2023

Continue Reading About authentication factor

Why it's time to expire mandatory password expiration policies

4 essential identity and access management best practices

How to build an effective IAM architecture

7 reasons identity and access management is important

More on multifactor authentication from NIST

Dig Deeper on Identity and access management

Search Networking

BGP routing: A configuration and troubleshooting tutorial
BGP is the internet's core routing protocol, enabling communication between ISPs and large networks. This guide covers its ...
Cisco Live 2025 conference coverage and analysis
Cisco Live 2025 will largely focus on the need to modernize infrastructure with AI capabilities. Use this guide to follow along ...
Customer experience and hybrid work highlights Webex news at Cisco Live
Cisco unveils a strong set of AI-powered features for Webex Contact Center and Webex Meetings.

Search CIO

Proposed U.S. budget cuts raise fears about tech innovation
President Donald Trump's proposed FY 2026 budget slashes funding for federal agencies, including NSF and NIST, which support tech...
RIT showcase offers glimpse of early tech innovation cycle
Connected vehicle security, AI and 3D printing were among the technologies featured at Imagine RIT, an annual exhibition focusing...
Contempt order worsens Apple's antitrust woes
A federal judge found Apple to be in contempt of an injunction ordering the company to make access to alternative payment options...

Search Enterprise Desktop

How to create a custom Windows 11 image with Hyper-V
When administrators can deploy Windows systems in many ways, creating a custom VM with Hyper-V enables them to efficiently deploy...
End users can code with AI, but IT must be wary
The scale and speed of generative AI coding -- known as vibe coding -- are powerful, but users might be misapplying this ...
10 troubleshooting steps for when Windows Update is frozen
When a Windows desktop is frozen and can't update, there could be many causes. The troubleshooting process can be complicated, ...

Search Cloud Computing

HPE adds Morpheus Data to KVM hypervisor for enterprises
A KVM hypervisor by Hewlett-Packard Enterprise evolves with technology and capabilities from Morpheus Data, an HPE acquisition, ...
Gain insights with Enhanced Monitoring in Amazon RDS
RDS Enhanced Monitoring provides teams with additional data visibility to improve database scalability, performance, availability...
Nutanix expands storage, Kubernetes and AI platforms at Next
The latest capabilities and partnerships highlighted at Nutanix's Next conference expand disaggregated storage to Pure Storage, ...

ComputerWeekly.com

Mid-career professionals must learn to understand and use AI as GenAI tips balance
Whether in the finance, IT or legal sectors, artificial intelligence will change the way businesses operate and how their people ...
5GAA claims first-ever satellite, 5G-V2X direct vehicle connectivity
Leading car manufacturers demonstrate what is said to be a world-first for emergency messaging and hazard warnings showing the ...
ITS claims UK first for 50G-PON business trial
What is described as ‘pioneering’ test with Lancashire-based technology group said to have shown early demand for next-generation...

Close