What does multi-factor authentication require?

Multi-factor authentication (MFA) is a security measure that requires two or more independent credentials for verification. This approach significantly enhances security by ensuring that even if one factor (like a password) is compromised, an unauthorized user would still need to provide additional evidence of identity, such as a physical token, biometric scan, or one-time code sent to a mobile device.

In this context, requiring two or more different factors helps to reduce the risk of unauthorized access, as it combines something the user knows (like a password), something the user has (like a security token), or something the user is (like a fingerprint). By implementing this multifaceted approach to authentication, organizations can safeguard sensitive information more effectively against breaches and attacks.

The other choices do not align with the definition of multi-factor authentication. A single password relies on just one credential, annual security assessments pertain to evaluating security measures rather than authentication, and at least one factor does not specify the requirement for multiple factors.