a password alone is not enough

Passwords alone are no longer enough to protect your online accounts. Luckily, there’s multifactor authentication (MFA): a simple way to add layers of protection to your username and passwords.

Password Image

MFA is like any type of protection you use every day.

MFA may sound like a new term, but using protection is something you probably do every day in real life — like using a seatbelt. Now it’s time to layer up in your digital life.



You use sunscreen as a second layer to protect from the sun. To stay safe online, use MFA to protect your logins.

Phone Case

Phone Case

A case keeps your phone safe the same way MFA protects your accounts.

Baseball Helmet

Baseball Helmet

A baseball helmet keeps your head safe from stray balls, while MFA keeps your account safe from improper access.

Oven Mitts

Oven Mitts

Oven mitts keep your hands from getting burned, the same way MFA keeps your accounts from getting burned.

Click Here to get the full scoop on strong authentication.


Overview Image

Multifactor authentication combines two or more independent credentials: what the user knows (password), what the user has (security token) and what the user is (biometric verification). The goal of MFA is to create a layered defense and make it more difficult for an unauthorized person to access a target such as a physical location, computing device, network or database. If one factor is compromised or broken, the attacker still has at least one more barrier to breach before successfully breaking into the target.

Hardware-Based MFA

Hardware-Based MFA Image

Hardware-based multifactor authentication, like Intel Authenticate, verifies identities by using multiple hardware encrypted factors at the same time: a single-use code, your Device ID, and your fingerprint.
Critical data is captured, encrypted, matched, and stored in hardware, closing the door and making it harder for even the most advanced threats to reach it.


Biometric Image

We’ve seen face scanners in movies for years, but now they’re a reality. You can add your fingerprint or facial characteristics to verify it’s you logging in. For example, Windows Hello logs you in with facial recognition with the camera typically found on your mobile device, tablet or PC.

Single-Use Codes

Single-Use Codes Image

This is the most common type of strong authentication. After you enter your username and password, you’ll enter a one-time code sent to your phone.


Contextual Image

Many apps use contextual clues like a user’s location, IP Address, WiFi Network, and your device to make sure you’re you.

Ready to test your knowledge?

Take the Authentication Quiz



Medium Articles

Hear from today’s top security experts at medium.com/practical-security

Article Image

How the Secret Service is fighting offline identity theft.

Identity theft grew from one million victims to 17.7 million between 2012 and 2014 — but not all of it is happening online.

Read the article
Article Image

Pwnd — how a Google hacker would hack you.

Parisa Tabriz manages the Chrome Security team, who work on making Chrome the safest way to browse the web. The best defense requires an offensive mindset, so it’s her job to think like a criminal. Here’s how she’d hack you.

Read the article
Article Image

Batman beats Superman, and other finds in 10 million leaked Passwords.

Last year, the single largest dataset of actual user passwords was released by security researcher Mark Burnett. While we’re advised to use nothing more than random characters, our passwords are a reflection of our culture, as much as ourselves. Here’s what they have to say.

Read the article
Article Image

Privacy is a four-letter word

You and me? We’re being tracked whether we like it or not... But don’t get up in arms over the loss of your “privacy”. This word, “privacy”? — it’s a problem.

Read the article