Glossary
MULTI-FACTOR AUTHENTICATION / MFA
defined.
An authentication method that requires the user to provide two or more verification factors — something they know, have, or are.
A–Z
An authentication method that requires the user to provide two or more verification factors — something they know, have, or are.
MFA dramatically reduces account takeover risk but is not a silver bullet. Bypass techniques: SMS-OTP interception, MFA fatigue (push-bombing), token theft via phishing kits (Evilginx), and downgrade attacks falling back to weaker factors. WebAuthn / passkeys are the phishing-resistant answer.
See our web application penetration testing, API security testing, network penetration testing, and cloud security audit services for how we test for and defend against this class of issue.
30-minute call with an OSCP-certified engineer. Tailored proposal in 24 hours.