Multi-Factor Authentication
MFAA security mechanism that requires users to provide two or more verification factors to gain access to a resource.
What is Multi-Factor Authentication?
Multi-factor authentication combines something you know (password), something you have (phone or security key), and something you are (biometrics) to verify identity. This layered approach ensures that even if one factor is compromised, attackers cannot gain access without the additional factors. MFA blocks over 99.9% of account compromise attacks according to Microsoft research.
In Microsoft 365
In Microsoft 365, MFA is enforced through Conditional Access policies and can use Microsoft Authenticator, FIDO2 security keys, phone verification, or Windows Hello for Business. Azure AD/Entra ID provides MFA as a core identity protection feature.
Examples
- 1Authenticator app push notifications
- 2FIDO2 security key tap
- 3SMS verification code
- 4Phone call verification
- 5Biometric verification via Windows Hello
Related TrueConfig Controls
These controls help implement and verify multi-factor authentication in your Microsoft 365 environment.
Frequently Asked Questions
What is Multi-Factor Authentication (MFA)?▼
How does Multi-Factor Authentication work in Microsoft 365?▼
What are examples of Multi-Factor Authentication?▼
Which TrueConfig controls relate to Multi-Factor Authentication?▼
Related Terms
Phishing-Resistant MFA
Authentication methods that cannot be intercepted or replayed by attackers through phishing attacks.
Conditional Access
Policy-based access control that evaluates signals and enforces security requirements before granting access.
FIDO2
An open authentication standard that enables passwordless authentication using public key cryptography.
Passwordless Authentication
Authentication methods that verify identity without requiring traditional passwords.