Password-based authentication is the most common method of securing access to information resources. However, research demonstrates that using passwords is inefficient. Most of the information security incidents result from using weak passwords that can be easily guessed or from negligent password storage.
Introducing multifactor authentication significantly improves the infrastructure security level. As a rule, multifactor authentication means two-factor authentication—a two-staged access control technology when, in addition to entering the account username and password, the user is required to validate their identity using an additional method, for example, to enter a code received via a text message on the user's mobile. In addition to this option, the user can also be verified by means of biometric data and tokens.
The following methods can be used as an additional security level: