Multi-factor authentication (MFA) typically uses two or more independent access methods like passwords, security tokens, and biometric verification. This creates a defense of multiple layers, which makes it much more difficult for an unauthorized person to access a protected system or application. This can be a computing device, a physical location a network, a website or a database.
As multiple access methods are used, the security will strengthen. Access methods like a password or a security questions can be hacked (or guessed) by brute-force or social engineering attacks. By adding an additional access method (like an authenticator or fingerprint) it will be significant more difficult for the hacker to gain access to the desired asset.
Within Multi-Factor Authentication there are 3 main types of access methods. By combining access methods from these different types a multi factor authentication is crafted. The 3 types are: Knowledge factors, Possession factors and Biometric factors.
These are access methods which use something you know. These knowledge factors are the most commonly used type. The user has to prove he has the knowledge of some secret information. Methods like passwords, PINs and security questions fall into this category.
These are access methods which use something you have. Access methods where physical devices are needed make up this category. Examples are USB tokens, card readers and wireless tags.
These are access methods which use something you are. This includes access methods that use any form of biometrics, like fingerprint readers, voice recognitions or retina scanners. These factors are almost 100% unique to the authorised user and thus, biometric factors, can be seen as the most secure of the 3 types.