Which term describes the practice of verifying a user's identity through multiple factors?

The practice of verifying a user's identity through multiple factors is defined as multi-factor authentication. This method enhances security by requiring more than one form of verification before granting access to accounts or systems. Typically, it combines something the user knows (like a password), something the user has (like a smartphone or security token), and something the user is (such as biometric data like fingerprints or facial recognition).

Multi-factor authentication significantly decreases the likelihood of unauthorized access since it makes it more challenging for an attacker to compromise all required factors. For instance, even if a password is stolen, access would still be contingent upon the attacker having a secondary form of verification, such as a one-time code sent to the user’s phone.

The other terms refer to different security practices. Single sign-on allows users to log in once and gain access to multiple systems without repeatedly entering credentials, but it doesn’t involve additional verification factors. Biometric verification is one form of authentication but does not encompass the entire multi-factor approach since it relies solely on biometric data. Tokenization refers to the process of substituting sensitive data with unique identifiers or tokens, rather than verifying identity. Thus, multi-factor authentication is uniquely defined by its use of multiple authentication methods.