MFA / Two-step Verification
Traditionally proving who you are has been done with a username and a password. However, that is no longer the best way to do it. Usernames are often easy to guess (often they're just your email address). While complicated passwords can be hard to remember, so too many people tend to pick simple ones or use the same password at many different sites. Once someone of nefarious intent has these details they can open many more 'doors' and take control of what's inside.
This is the reason why almost all online services — banks, social media, shopping, and yes, Microsoft 365 too — have added a way for your accounts to be more secure. You may hear it called "Two-Step Verification" or "Multi-factor Authentication" but the good ones all operate off the same principle. When you sign into the account for the first time on a new device or application (like a web browser) you need more than just the username and password. You need a second thing — a second "factor" - to prove who you are.
A factor in authentication is a way of confirming your identity when you try to sign in. For example, a password is one kind of factor, it's a thing only you (should) know.
The three most common kinds of factors are:
- Something you know - Like a password, or a memorized PIN.
- Something you have - Like a smartphone, or a secure USB key.
- Something you are - Like a fingerprint, or facial recognition.