Multi-factor authentication is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge , possession , and inherence .
It is a method of confirming users’ claimed identities by using a combination of two different factors: 1) something they know, 2) something they have, or 3) something they are.
A good example of two-factor authentication is the withdrawing of money from an ATM; only the correct combination of a bank card and a PIN allows the transaction to be carried out.
Two-step verification or two-step authentication is a method of confirming a user’s claimed identity by utilizing something they know and a second factor other than something they have or something they are. An example of a second step is the user repeating back something that was sent to them through an out-of-band mechanism , or a number generated by an app that is common to the user and the authentication system.
