{
	"id": "2db042ca-4c8b-4929-b6cd-c4f51dd8af02",
	"created_at": "2026-04-06T00:13:58.543896Z",
	"updated_at": "2026-04-10T03:21:19.778302Z",
	"deleted_at": null,
	"sha1_hash": "1ca03ec4fc27e80411041941f2c037edd3fc8fdf",
	"title": "multi-factor authentication - Glossary | CSRC",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 36690,
	"plain_text": "multi-factor authentication - Glossary | CSRC\r\nArchived: 2026-04-05 14:56:00 UTC\r\n  The means used to confirm the identity of a user, process, or device (e.g., user password or token).\r\nSources:\r\nCNSSI 4009-2015 under authenticator\r\n  Authentication using two or more factors to achieve authentication. Factors include: (i) something you know\r\n(e.g. password/personal identification number (PIN)); (ii) something you have (e.g., cryptographic identification\r\ndevice, token); or (iii) something you are (e.g., biometric). See authenticator.\r\nSources:\r\nCNSSI 4009-2015 under multifactor authentication\r\n  An authentication system that requires more than one distinct authentication factor for successful authentication.\r\nMultifactor authentication can be performed using a multifactor authenticator or by a combination of\r\nauthenticators that provide different factors. The three authentication factors are something you know, something\r\nyou have, and something you are.\r\nSources:\r\nNIST SP 1800-17b under Multifactor Authentication\r\nNIST SP 1800-17c under Multifactor Authentication\r\n  Authentication using two or more factors to achieve authentication. Factors are (i) something you know (e.g.,\r\npassword/personal identification number); (ii) something you have (e.g., cryptographic identification device,\r\ntoken); and (iii) something you are (e.g., biometric).\r\nSources:\r\nNIST SP 1800-12b under multifactor authentication\r\n  Something that the claimant possesses and controls (typically a cryptographic module or password) that is used\r\nto authenticate the claimant’s identity. This was previously referred to as a token.\r\nSources:\r\nNIST SP 800-53 Rev. 5 under authenticator\r\n  An authentication system or an authenticator that requires more than one authentication factor for successful\r\nauthentication. Multi-factor authentication can be performed using a single authenticator that provides more than\r\none factor or by a combination of authenticators that provide different factors.\r\nSources:\r\nNIST SP 800-53 Rev. 5\r\n  The three authentication factors are something you know, something you have, and something you are. See\r\nauthenticator.\r\nhttps://csrc.nist.gov/glossary/term/multi_factor_authentication\r\nPage 1 of 3\n\nSources:\r\nNIST SP 800-53 Rev. 5\r\n  Authentication using two or more different factors to achieve authentication. Factors include something you\r\nknow (e.g., PIN, password), something you have (e.g., cryptographic identification device, token), or something\r\nyou are (e.g., biometric). See authenticator.\r\nSources:\r\nNIST SP 800-172\r\n  Authentication using two or more different factors to achieve authentication. Factors include something you\r\nknow (e.g., PIN, password), something you have (e.g., cryptographic identification device, token), or something\r\nyou are (e.g., biometric).\r\nSources:\r\nNIST SP 800-172A under multifactor authentication\r\n  Authentication using two or more factors to achieve authentication. Factors include: (i) something you know\r\n(e.g., password/personal identification number [PIN]); (ii) something you have (e.g., cryptographic identification\r\ndevice, token); or (iii) something you are (e.g., biometric).\r\nSources:\r\nNIST SP 1800-27B under Multifactor Authentication\r\nNIST SP 1800-27C under Multifactor Authentication from CNSSI 4009-2015\r\n  Something the claimant possesses and controls (typically a cryptographic module or password) that is used to\r\nauthenticate the claimant’s identity. This was previously referred to as a token.\r\nSources:\r\nNIST SP 800-171r3 under authenticator\r\n  Authentication using two or more different factors to achieve authentication. Factors include something you\r\nknow (e.g., PIN, password), something you have (e.g., cryptographic identification device, token), or something\r\nyou are (e.g., biometric). See authenticator.\r\nSources:\r\nNIST SP 800-171r3\r\n  See authenticator type and multi-factor authenticator.\r\nSources:\r\nNIST SP 800-63-4 [\r\n] under authenticator\r\n  An authentication system that requires more than one distinct type of authentication factor for successful\r\nauthentication. MFA can be performed using a multi-factor authenticator or by combining single-factor\r\nauthenticators that provide different types of factors.\r\nSources:\r\nhttps://csrc.nist.gov/glossary/term/multi_factor_authentication\r\nPage 2 of 3\n\nNIST SP 800-63-4 []\r\nNIST IR 8523 from NIST SP 800-63-4\r\n  Something the claimant possesses and controls (typically a cryptographic module or password) that is used to\r\nauthenticate the claimant’s identity.\r\nSources:\r\nNIST IR 8523 under authenticator from NIST SP 800-63-4\r\nSource: https://csrc.nist.gov/glossary/term/multi_factor_authentication\r\nhttps://csrc.nist.gov/glossary/term/multi_factor_authentication\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://csrc.nist.gov/glossary/term/multi_factor_authentication"
	],
	"report_names": [
		"multi_factor_authentication"
	],
	"threat_actors": [],
	"ts_created_at": 1775434438,
	"ts_updated_at": 1775791279,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/1ca03ec4fc27e80411041941f2c037edd3fc8fdf.pdf",
		"text": "https://archive.orkl.eu/1ca03ec4fc27e80411041941f2c037edd3fc8fdf.txt",
		"img": "https://archive.orkl.eu/1ca03ec4fc27e80411041941f2c037edd3fc8fdf.jpg"
	}
}