Multi-factor Authentication

An important authentication method is multi-factor authentication (MFA). Products such as Enterprise Office 365 are already using it, available for any user in Office 365 Midsize Business, Enterprise, Academic, and Nonprofit plans as well as the standalone versions of Exchange Online and SharePoint Online. The log-in verification feature is aimed at reducing users' vulnerability to online identity theft, phishing, and other scams by adding a second level of authentication to an account log-in. Twitter, Apple, PayPal, Google, Facebook, and other vendors already have implemented it. After correctly entering their username and password, users need to acknowledge a phone call, text message, or an app notification on their smartphone before they can gain access to their account. Two-factor authentication is the most common form of MFA and requires the use of two of the three authentication factors: Something only the user knows, something the user has, and something only the user is. In this work we will analyze some varieties, do UML models of their structure and dynamics, and compare MFA to other authentication approaches. ​