Introduction to strong authentication (MFA)

Strong authentication allows administrators to require users to provide multiple verification factors before granting access. PingID provides a solution for Workforce scenarios, and PingOne MFA provides a solution for Customer scenarios.

A common security challenge is verifying that a user requesting access to a protected resource is who they claim to be and that they’re permitted to access the requested resource. Protected resources use an authentication service to verify the requesting end user’s authenticity.

Multi-factor authentication (MFA)

MFA is a process that uses two or more factors to verify an identity.

These factors include:

Knowledge factors: Something you know, such as a username and password, a PIN, or the answer to a particular challenge. Considered weak authentication factors, knowledge factors pose a medium-to-high risk to vulnerability and exposure to unauthorized and unintended users.
Possession factors: Something you have, such as an email address, phone number, hardware token, mobile device, or security key. Considered stronger than knowledge factors because they are mainly physical devices with a unique ID and should be secure in the possession of their owner.
Inherent factors: Something you are, such as a biometric identifier like a fingerprint, voice, or face recognition. Considered the strongest authentication factors and pose the lowest risk to security vulnerability.

You can find a list of supported authentication methods in Overview of authentication methods. PingOne strong authentication (MFA) can be implemented for your:

Customers (PingOne MFA): Secure authentication for customers of your organization.
Workforce (PingID): Secure authentication for your organization’s employees and contractors using PingID.