Multi-Factor Authentication
| Field |
Value |
| Symbol |
Mf |
| Class |
Safeguard |
| Definition |
A safeguard that requires more than one factor to verify an identity. |
Why it matters
MFA reduces the risk of account compromise when passwords, tokens, or credentials are exposed or guessed.
Protects
- Identity
- Applications
- Cloud accounts
- Administrative access
- Phishing
- Credential theft
- Password guessing
- Session misuse
- Password-only authentication
- Excess privilege
- Missing conditional access
- Weak onboarding process
Assurance evidence
- MFA policy configuration
- MFA enrollment report
- Sign-in logs
- Exception list
- Periodic access review
Framework crosswalk
| Framework |
Mapping idea |
| NIST CSF |
Identity and access protection outcomes |
| ISO 27001 |
Access control safeguards |
| SOC 2 |
Logical access control evidence |