Multifactor authentication is a key part of zero-trust security, and a method promoted by the likes of CISA. It aims to block out hackers who — in this age of data breaches — manage to steal users’ passwords. Multifactor authentication (MFA) often features in experts’ lists of low-hanging fruit cybersecurity improvements that agencies could adopt to make themselves harder targets. The Cybersecurity and Infrastructure Security Agency (CISA)’s recent 'Shields Up' notice urges organizations to use MFA for verifying remote access and high-level access requests, as part of better protecting the nation against potential Russian cyber attacks.
https://www.govtech.com/security/cyber-refresher-understanding-multifactor-authentication
