The Role of Multi-factor Authentication for Modern Day Security

Joseph Williamson (School of Computing, Engineering & Intelligent Systems, Ulster University, UK)
Kevin Curran (School of Computing, Engineering & Intelligent Systems, Ulster University, UK)


Multi-factor Authentication (MFA) often referred to as Two-factor Authentication (2FA), which is a subset of MFA, is the practice of implementing additional security methods on top of a standard username and password to help authenticate the identity of a user and increase the security of data.This chapter will investigate the problem with username and password logins, the different types of authentication, current best practice for multi-factor authentication and interpretations about how the technology will grow in the upcoming years.


Multi-factor authentication;Cybersecurity;2FA

Full Text:



[1] Archana, B. S., Chandrashekar, A., Bangi, A. G.,Sanjana, B. M. and Akram, S. (2017) Survey on usable and secure two-factor authentication.

[2] Bošnjak, L., Sreš, J. and Brumen, B. (2018) Bruteforce and dictionary attack on hashed real-world passwords.

[3] Tatli, E. I. (2015) Cracking More Password Hashes With Patterns.

[4] Gautam, T. and Jain, A. (2015) Analysis of brute force attack using TG — Dataset.

[5] Theocharoulis, K., Papaefstathiou, I. and Manifavas C. (2010) Implementing Rainbow Tables in HighEnd FPGAs for Super-Fast Password Cracking.

[6] Kumar, H., Kumar, S., Joseph, R., Kumar, D., Shrinarayan Singh, S. K., Kumar, P. and Kumar H.(2013) Rainbow table to crack password using MD5 hashing algorithm.

[7] British Standards Institution. (2017) BS ISO 9564-1:2017 Financial services. Personal Identification Number (PIN) management and security. Basic principles and requirements for PINs in card-based systems. BSI Standards Limited.

[8] PayPal. (2014). Password and PIN security. Available: Last accessed 7th November 2019.

[9] Rouse, M. (2015). knowledge-based authentication (KBA). Available: Last accessed 7th November 2019.

[10] Schechter, S., Brush, A.J.B. and Egelman, S. (2009) It’s No Secret. Measuring the Security and Reliability of Authentication via “Secret” Questions.

[11] How-To Geek. (2014). Security Questions Are Insecure: How to Protect Your Accounts.Available: accessed 7th November 2019.

[12] FIDO Alliance. (2013). FIDO U2F Security Key.Available: Last accessed 8th November 2019.

[13] Sudar, C., Arjun, S. K. and Deepthi, L. R. (2017) Time-based one-time password for Wi-Fi authentication and security.

[14] Muppidi, S. (2017) Companies Need More Than Two-Factor Authentication to Keep Users Safe.Harvard Business Review Digital Articles, 2-4.

[15] Kugler, L. (2019) The Trouble with SMS Two-Factor Authentication. Communications of the ACM, 62 (6),14-14.

[16] Ghosh, S., Goswami, J., Kumar, A. and Majumder, A.(2015) Issues in NFC as a form of contactless communication: A comprehensive survey.

[17] Haselsteiner, E. and Breitfuß K. (2007). Security In Near Field Communication (NFC) Strengths and Weaknesses. In: Goje, Amol C., Gornale, Shivanand S. and Yannawar, Pravin L. Proceedings of the 2nd National Conference on Emerging Trends in Information Technology (eIT-2007). New Delhi:L.K. International Publishing House Pvt. Ltd. 74.

[18] Symanovich, S. (2019). How does facial recognition work? Available: accessed 9th November 2019.

[19] Elets News Network. (2018). From July 1, authenticate Aadhaar through face recognition.Available: Last accessed 9th November 2019.

[20] Mazumdar, J. (2018). RETINA BASED BIOMETRIC AUTHENTICATION SYSTEM: A REVIEW.International Journal of Advanced Research in Computer Science. 9. 711-718.10.26483/ijarcs.v9i1.5322.

[21] Kapko, M. and Finnegan, M. (2018). What is Windows Hello? Microsoft’s biometrics security system explained. Available: accessed 11th November 2019.

[22] Dasgupta, D., Roy, A. and Nag, A. (2016) Toward the design of adaptive selection strategies for multi-factor authentication. Computers & Security, 63 85-116.



  • There are currently no refbacks.
Copyright © 2021 Joseph Williamson, Kevin Curran

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.