Multi-factor authentication (MFA) typically uses two or more independent access methods like passwords, security tokens, and biometric verification. This creates a defense of multiple layers, which makes it much more difficult for an unauthorized person to access a protected system or application. This can be a computing device, a physical location a network, a website or a database.

If the unauthorized person succeeds in breaching one defense layer, he or she still has at least one more barrier to breach before successfully getting access to the target.