[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Security Operations](https://www.paloaltonetworks.com/cyberpedia/security-operations?ts=markdown) 3. [Identity Management](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown) 4. [What Are Multifactor Authentication (MFA) Examples and Methods?](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods?ts=markdown) Table of Contents * [What Is Access Control?](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown) * [Access Control Explained](https://www.paloaltonetworks.com/cyberpedia/access-control#explained?ts=markdown) * [What Are Different Types of Access Control?](https://www.paloaltonetworks.com/cyberpedia/access-control#different?ts=markdown) * [Benefits of Effective Access Control Systems](https://www.paloaltonetworks.com/cyberpedia/access-control#benefits?ts=markdown) * [Access Control Use Cases](https://www.paloaltonetworks.com/cyberpedia/access-control#use-cases?ts=markdown) * [DSPM and Access Control](https://www.paloaltonetworks.com/cyberpedia/access-control#dspm?ts=markdown) * [Access Control FAQs](https://www.paloaltonetworks.com/cyberpedia/access-control#faqs?ts=markdown) * [What Is Identity Visibility and Intelligence (IVIP)?](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip?ts=markdown) * [The Identity Visibility Crisis](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip#identity?ts=markdown) * [Understanding IVIP: Definition and Core Concepts](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip#ivip?ts=markdown) * [Why IVIP Emerged Now](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip#why?ts=markdown) * [What IVIP Actually Does](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip#what?ts=markdown) * [IVIP Within the Identity Fabric Architecture](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip#fabric?ts=markdown) * [IVIP vs. Adjacent Technologies](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip#adjacent?ts=markdown) * [Real-World Use Cases and Applications](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip#usecase?ts=markdown) * [Implementation Considerations and Architecture](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip#implementation?ts=markdown) * [Market Maturity and Adoption Roadmap](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip#market?ts=markdown) * [Identity Visibility and Intelligence Platforms (IVIP) FAQs](https://www.paloaltonetworks.com/cyberpedia/identity-visibility-intelligence-ivip#faq?ts=markdown) * [What is Identity Security Posture Management (ISPM)?](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm?ts=markdown) * [What Identity Security Posture Management Is and Why It Emerged](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#identity?ts=markdown) * [The Identity Attack Surface in Modern Enterprises](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#surface?ts=markdown) * [Core Capabilities of ISPM Platforms](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#platform?ts=markdown) * [How ISPM Differs from Adjacent Technologies](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#how?ts=markdown) * [ISPM Architecture and Technical Implementation](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#technical?ts=markdown) * [Key Use Cases and Operational Workflows](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#key?ts=markdown) * [ISPM Implementation Strategy](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#strategy?ts=markdown) * [Common Identity Posture Risks ISPM Addresses](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#risk?ts=markdown) * [Measuring and Improving Identity Security Posture](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#improving?ts=markdown) * [The Future of Identity Security Posture Management](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#future?ts=markdown) * [ISPM FAQs](https://www.paloaltonetworks.com/cyberpedia/identity-security-posture-management-ispm#faq?ts=markdown) * [What Is Cloud Infrastructure Entitlement Management (CIEM)?](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem?ts=markdown) * [Why Is CIEM Important to Your Cloud Security Strategy?](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem#why?ts=markdown) * [What Are the Components of CIEM?](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem#what?ts=markdown) * [How Is CIEM Used?](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem#how?ts=markdown) * [How Does CIEM Improves Cloud Security?](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem#security?ts=markdown) * [Key Security Benefits of CIEM](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem#key?ts=markdown) * [Discover CIEM | Prisma Cloud](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem#discover?ts=markdown) * [CIEM FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-ciem#faqs?ts=markdown) * [What is the Evolution of Multifactor Authentication](https://www.paloaltonetworks.com/cyberpedia/what-is-the-evolution-of-multi-factor-authentication?ts=markdown) * [Drivers for the Evolution of MFA](https://www.paloaltonetworks.com/cyberpedia/what-is-the-evolution-of-multi-factor-authentication#drivers?ts=markdown) * [Brief History of Multi-Factor Authentication](https://www.paloaltonetworks.com/cyberpedia/what-is-the-evolution-of-multi-factor-authentication#brief?ts=markdown) * [The Future of Authentication](https://www.paloaltonetworks.com/cyberpedia/what-is-the-evolution-of-multi-factor-authentication#future?ts=markdown) * [Evolution of MFA FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-the-evolution-of-multi-factor-authentication#faqs?ts=markdown) * [What Is the Principle of Least Privilege?](https://www.paloaltonetworks.com/cyberpedia/what-is-the-principle-of-least-privilege?ts=markdown) * [How does the principle of least privilege (PoLP) work?](https://www.paloaltonetworks.com/cyberpedia/what-is-the-principle-of-least-privilege#how?ts=markdown) * [Why Is the Principle of Least Privilege Important?](https://www.paloaltonetworks.com/cyberpedia/what-is-the-principle-of-least-privilege#why?ts=markdown) * [What Are the Benefits of the Principle of Least Privilege?](https://www.paloaltonetworks.com/cyberpedia/what-is-the-principle-of-least-privilege#what?ts=markdown) * [How to Implement PoLP in your organization](https://www.paloaltonetworks.com/cyberpedia/what-is-the-principle-of-least-privilege#organization?ts=markdown) * [Get PoLP with ZTNA 2.0 on Prisma Access](https://www.paloaltonetworks.com/cyberpedia/what-is-the-principle-of-least-privilege#get?ts=markdown) * [Principle of Least Privilege Access FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-the-principle-of-least-privilege#faqs?ts=markdown) * [What is Multifactor Authentication (MFA) Implementation?](https://www.paloaltonetworks.com/cyberpedia/what-is-mfa-implementation?ts=markdown) * [Why MFA Implementation is Important](https://www.paloaltonetworks.com/cyberpedia/what-is-mfa-implementation#why?ts=markdown) * [Planning Your MFA Implementation Strategy](https://www.paloaltonetworks.com/cyberpedia/what-is-mfa-implementation#planning?ts=markdown) * [Step-by-Step Guide to Implementing MFA](https://www.paloaltonetworks.com/cyberpedia/what-is-mfa-implementation#step?ts=markdown) * [Overcoming Challenges in MFA Implementation](https://www.paloaltonetworks.com/cyberpedia/what-is-mfa-implementation#overcoming?ts=markdown) * [Best Practices for Maintaining Effective MFA](https://www.paloaltonetworks.com/cyberpedia/what-is-mfa-implementation#best?ts=markdown) * [Evaluating the Success of MFA Deployment](https://www.paloaltonetworks.com/cyberpedia/what-is-mfa-implementation#evaluating?ts=markdown) * [MFA Implementation FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-mfa-implementation#faqs?ts=markdown) * [What Is Multifactor Authentication?](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication?ts=markdown) * [Multifactor Authentication Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#multifactor?ts=markdown) * [Why Multifactor Authentication Is Crucial](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#why?ts=markdown) * [How Multifactor Authentication Works](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#how?ts=markdown) * [Authentication Factors and Methods](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#methods?ts=markdown) * [MFA vs. Two-Factor Authentication (2FA)](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#vs?ts=markdown) * [Implementing Multifactor Authentication: Best Practices](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#practices?ts=markdown) * [MFA Deployment Considerations](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#mfa?ts=markdown) * [Common MFA Security Weaknesses and Mitigations](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#common?ts=markdown) * [MFA Policy, User Experience, and Compliance](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#policy?ts=markdown) * [Advanced MFA Concepts: Adaptive and AI-Enhanced Authentication](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#advanced?ts=markdown) * [Real-World MFA Examples](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#examples?ts=markdown) * [The Future of MFA: Emerging Trends and Innovations](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#innovations?ts=markdown) * [Multifactor Authentication FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication#faqs?ts=markdown) * [What Is Access Management?](https://www.paloaltonetworks.com/cyberpedia/access-management?ts=markdown) * [Understanding Access Management](https://www.paloaltonetworks.com/cyberpedia/access-management#understanding?ts=markdown) * [What Are the Key Components of Access Management?](https://www.paloaltonetworks.com/cyberpedia/access-management#what?ts=markdown) * [Types of Access Management Solutions](https://www.paloaltonetworks.com/cyberpedia/access-management#types?ts=markdown) * [Implementing Access Management](https://www.paloaltonetworks.com/cyberpedia/access-management#implementing?ts=markdown) * [Access Management FAQs](https://www.paloaltonetworks.com/cyberpedia/access-management#faqs?ts=markdown) * [What is BeyondCorp?](https://www.paloaltonetworks.com/cyberpedia/what-is-beyondcorp?ts=markdown) * [Why Organizations Use BeyondCorp](https://www.paloaltonetworks.com/cyberpedia/what-is-beyondcorp#why?ts=markdown) * [How BeyondCorp Works](https://www.paloaltonetworks.com/cyberpedia/what-is-beyondcorp#how?ts=markdown) * [How BeyondCorp Relates to Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-beyondcorp#relate?ts=markdown) * [What Is Least Privilege Access?](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown) * [Least Privilege Access, Defined](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#definition?ts=markdown) * [Benefits of Least Privilege](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#benefits?ts=markdown) * [Example of Least Privilege Access](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#example?ts=markdown) * [Least Privilege vs. Zero Trust](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#vs?ts=markdown) * [Managing Least Privilege Access](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#manage?ts=markdown) * [Least Privilege Access FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access#faqs?ts=markdown) * What are MFA Examples and Methods? * [Types of Authentication Factors](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#types?ts=markdown) * [Common MFA Examples](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#examples?ts=markdown) * [Common MFA Use Cases](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#usecases?ts=markdown) * [MFA Methods](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#methods?ts=markdown) * [Best Practices for MFA](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#best?ts=markdown) * [Industry Regulatory Compliance for MFA](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#industry?ts=markdown) * [MFA Examples and Methods FAQs](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#faqs?ts=markdown) * [What Is Identity and Access Management (IAM)?](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management?ts=markdown) * [What Is Identity and Access Management?](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management#what?ts=markdown) * [Why Is IAM Important?](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management#why?ts=markdown) * [IAM vs. PAM](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management#iam-vs-pam?ts=markdown) * [Cloud IAM vs. On-Prem IAM](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management#vs?ts=markdown) * [IAM Security](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management#iam-security?ts=markdown) * [Identity and Access Management FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management#faq?ts=markdown) # What Are Multifactor Authentication (MFA) Examples and Methods? 3 min. read Table of Contents * * [Types of Authentication Factors](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#types?ts=markdown) * [Common MFA Examples](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#examples?ts=markdown) * [Common MFA Use Cases](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#usecases?ts=markdown) * [MFA Methods](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#methods?ts=markdown) * [Best Practices for MFA](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#best?ts=markdown) * [Industry Regulatory Compliance for MFA](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#industry?ts=markdown) * [MFA Examples and Methods FAQs](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#faqs?ts=markdown) 1. Types of Authentication Factors * * [Types of Authentication Factors](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#types?ts=markdown) * [Common MFA Examples](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#examples?ts=markdown) * [Common MFA Use Cases](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#usecases?ts=markdown) * [MFA Methods](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#methods?ts=markdown) * [Best Practices for MFA](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#best?ts=markdown) * [Industry Regulatory Compliance for MFA](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#industry?ts=markdown) * [MFA Examples and Methods FAQs](https://www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods#faqs?ts=markdown) Multifactor Authentication (MFA) methods involve using two or more distinct types of verification to prove your identity. This means you must provide credentials from different categories, like "something you know" (e.g., a password) and "something you have" (e.g., a code from an authenticator app or an SMS code). Examples include using a password combined with a fingerprint scan or a security key. Examples include scenarios like using a password combined with a fingerprint scan. ## Types of Authentication Factors Authentication factors are divided into three main categories: knowledge, possession, and inherence. Understanding and correctly implementing these diverse authentication factors ensures that access to sensitive information or systems remains controlled and secure, minimizing the risk of unauthorized access and [data breaches](https://www.paloaltonetworks.com/cyberpedia/data-breach?ts=markdown). ### Knowledge Factors Knowledge factors involve information that the user knows, such as a password or a PIN. These are among the easiest to implement but are also susceptible to compromise if not backed by other factors. ### Possession Factors Possession factors rely on the user's possession of something, such as a smartphone or a security token. These factors typically work by sending a verification code to the device or using a dedicated app to approve login attempts, which adds a layer of physical security. ### Inherence Factors Inherence factors often deemed the most secure, involve something the user is, such as fingerprints, voice recognition, or facial recognition. These biometric methods are more difficult for unauthorized users to replicate. [Okta](https://www.okta.com/sites/default/files/2024-10/Secure_Sign_in_Trends_Report_2024.pdf) discovered that apart from standard passwords, which are used 95% of the time, the most commonly used authentication method is push notifications at 29%. This is followed by SMS at 17% and soft tokens at 14%. ## Common MFA Examples In today's digital landscape, [Multi-Factor Authentication (MFA)](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication?ts=markdown)has become a vital security measure for protecting [sensitive information](https://www.paloaltonetworks.com/cyberpedia/sensitive-data?ts=markdown). Real-world examples of MFA implementation can be seen across various industries. The following examples highlight the diverse applications of MFA, underscoring its effectiveness in enhancing security across different domains. * **Biometric Authentication:** Using fingerprint or facial recognition to access mobile devices or secure apps. * **SMS-Based OTPs (One-Time Passwords):** Receiving a code via text message to verify identity after entering a username and password. * **Authenticator Apps:** Apps like Google Authenticator or Microsoft Authenticator generate time-based one-time codes. * **Hardware Tokens:** Physical devices such as YubiKey that provide unique authentication codes. * **Push Notifications:** Approving login attempts through a notification sent to a mobile device. * **Email Verification Codes:** Sending a one-time code or link to the registered email for verification. ## Common MFA Use Cases Okta reported that heavily regulated sectors like government and education experienced a notable rise in MFA adoption rates, exceeding 5% within a year. ([Okta](https://www.okta.com/resources/whitepaper-the-secure-sign-in-trends-report/)) ### Account Creation Using MFA during account creation confirms that the mobile number and email used are valid. MFA also prevents [cybercriminals](https://www.paloaltonetworks.com/cyberpedia/cybercrime-the-underground-economy?ts=markdown) from creating accounts with fake identities. ### Financial Institutions Financial institutions extensively use MFA to secure online banking platforms, where users must authenticate through a combination of passwords, one-time passcodes sent to their mobile devices, and sometimes facial recognition. If users try to log in from an unknown location or device, adaptive authentication triggers additional authentication. The same applies to other financial accounts, such as credit card accounts, stock trading platforms, and cryptocurrency exchanges. ### Healthcare Sector Similarly, in the healthcare sector, MFA safeguards patient data, requiring medical staff to verify their identities through a blend of smart cards and fingerprint scanning. ### E-commerce Another example is e-commerce, where online retailers enhance customer account security by implementing MFA, often using email verification and security questions. ### Educational Institutions Educational systems, like universities, employ MFA to protect their digital resources, necessitating an access code and a biometric method such as a fingerprint for login. MFA protects student data and access to online learning platforms, which have become crucial, especially during remote learning. ### Corporate Networks Similarly, corporate networks benefit significantly from MFA, as businesses seek to [secure access](https://www.paloaltonetworks.com/cyberpedia/access-control?ts=markdown) to confidential work data and applications, especially with the increasing trend of remote work. Employees verify their identity via a secure app before logging into the company's internal network. ### Social Media Platforms Social media platforms are increasingly encouraging users to enable MFA to protect their personal information and prevent unauthorized access, helping to maintain user trust and privacy. ### Account Recovery MFA ensures that account recovery attempts are legitimate. When users forget their passwords or need to regain access, MFA can be used to require them to verify their identity through additional methods, such as a one-time code generated by an authentication app or a biometric authenticator. ### Using an ATM ATMs were among the early examples of MFA. At a minimum, a two-step authentication process is used, with users required to provide their bank card and enter a PIN. In some cases, an additional level of authentication is required, such as a retinal or fingerprint scan. ### Using a Credit Card or Debit Card Online Online purchases all require some type of MFA. First, the buyer must enter the credit card number to identify the card. They must also enter the security code printed on the back of the physical card, along with the expiration date. This ensures that if the credit card number was stolen and the individual still has the physical card, it can not be used to make online purchases. ## MFA Methods MFA methods have become increasingly diverse, providing users with various options to secure their personal and professional information. Implementing the right combination of these methods can significantly reduce the risk of unauthorized access while maintaining ease of use for legitimate users: * Knowledge-based authentication (passwords, PINs, security questions) combined with additional factors such as biometrics or one-time codes * Biometric authentication methods, including fingerprint, facial recognition, and voice recognition * Adaptive MFA, which tailors authentication processes based on the user's behavior and location, offers a sophisticated approach by balancing security and user experience. ## Best Practices for MFA To effectively leverage MFA for improved security, it's essential to adhere to best practices that ensure comprehensive protection and user-friendliness. Employing the following strategies creates a more secure and adaptable authentication environment, protecting sensitive information more effectively: 1. Regularly review and update authentication methods to address evolving threats, ensuring your MFA solution remains resilient against the latest [cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-cyber-security?ts=markdown) challenges. 2. Educate users on the importance of MFA and provide training on how to efficiently use it, as informed users are less likely to fall prey to [social engineering attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering?ts=markdown). 3. Implement MFA policies that require strong, unique authentication factors tailored to different organizational risk levels to bolster security without imposing unnecessary burdens on users. 4. Monitor and analyze MFA deployments with advanced analytics to further enhance security. This enables organizations to detect and respond to suspicious activities promptly. ### Enhancing Security with Artificial Intelligence (AI) in MFA Integrating [AI](https://www.paloaltonetworks.com/cyberpedia/artificial-intelligence-ai?ts=markdown)into MFA systems enhances security through advanced analysis and real-time threat detection. Modern AI-driven MFA systems incorporate: * **Behavioral Biometrics:** AI algorithms analyze patterns in user behavior, such as typing rhythm, mouse movements, and touchscreen interaction, to create unique user profiles. These patterns help detect anomalies that might indicate unauthorized access attempts. * **Contextual Authentication** : AI systems evaluate multiple contextual factors in real-time, including: * Device fingerprinting * Location patterns * Time-based access patterns * Network characteristics * User interaction patterns * **Risk-Based Authentication:** AI determines risk levels for each authentication attempt by analyzing: * Historical user behavior * Known threat patterns * Unusual login locations or times * Device trust scores * Transaction patterns * **Fraud Detection:** [Machine learning](https://www.paloaltonetworks.com/cyberpedia/machine-learning-ml?ts=markdown)models identify potential security threats by: * Detecting unusual patterns in authentication attempts * Identifying potential credential stuffing attacks * Spotting automated bot activities * Recognizing sophisticated phishing attempts This enhanced AI-driven security operates seamlessly in the background, adjusting authentication requirements based on risk levels while maintaining a smooth user experience for legitimate access attempts. ## Industry Regulatory Compliance for MFA MFA helps organizations address security requirements to maintain [regulatory compliance](https://www.paloaltonetworks.com/cyberpedia/data-compliance?ts=markdown). For many industry-specific regulations, MFA is mandatory. ### Education While the [Family Educational Rights and Privacy Act (FERPA)](https://studentprivacy.ed.gov/ferpa) does not explicitly require MFA, educational institutions handling student records and data are encouraged to use strong access controls. ### Financial Services A number of regulations govern security and drive the use of MFA for organizations in the financial services sector. Below are several examples of these regulations: * [Federal Financial Institutions Examination Council (FFIEC)](https://www.ffiec.gov/)---Recommends multi-factor authentication for financial institutions to protect against online fraud, particularly for online banking services. * [Gramm-Leach-Bliley Act (GLBA)](https://www.ftc.gov/legal-library/browse/statutes/gramm-leach-bliley-act)---Mandates that financial institutions implement security measures to protect customer data, and MFA is a recommended control under its Safeguards Rule. * [New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR 500)](https://www.dfs.ny.gov/industry_guidance/cybersecurity)---Requires multi-factor authentication for individuals accessing internal networks with non-public information. * [Payment Card Industry Data Security Standard (PCI DSS)](https://www.paloaltonetworks.com/cyberpedia/pci-dss?ts=markdown)---Requires MFA for administrative access to cardholder data environments (CDE). ### General Data Protection Regulation (GDPR) Although[GDPR](https://www.paloaltonetworks.com/cyberpedia/gdpr-compliance?ts=markdown) does not explicitly require multi-factor authentication, it mandates that organizations implement "appropriate technical and organizational measures" to secure personal data. MFA is often implemented as such a measure. ### Government * [Cybersecurity Maturity Model Certification (CMMC)](https://dodcio.defense.gov/cmmc/About/)---Contractors working with the U.S. Department of Defense (DoD) must comply with CMMC, which mandates MFA to access systems and data at maturity levels two and above. * [National Institute of Standards and Technology (NIST)](https://www.nist.gov/) Special Publication 800-63B---This applies to U.S. federal agencies and requires MFA for digital identity verification, especially for access to sensitive information. ### Healthcare [The Health Insurance Portability and Accountability Act (HIPAA)](https://www.paloaltonetworks.com/cyberpedia/what-is-hipaa?ts=markdown) Requires healthcare organizations to implement access controls to safeguard [Protected Health Information (PHI)](https://www.paloaltonetworks.com/cyberpedia/protected-health-information-phi?ts=markdown). Multi-factor authentication is recommended to meet the HIPAA Security Rule's requirements. ### Retail and E-Commerce PCI DSS requires multi-factor authentication to secure administrative access to payment card data environments. This requirement applies to all merchants and service providers that process credit card transactions. ### Internal Use Cases for MFA In addition to regulatory compliance requirements, MFA helps organizations meet internal security standards. The following examples apply to organizations across most industries. #### Company Logins Organizations can further strengthen their security posture by integrating MFA with other authentication systems: * **Single Sign-On (SSO) with SAML**: By using SAML (Security Assertion Markup Language), companies can implement SSO. This means employees only need to remember one set of login credentials to access all their different applications, simplifying the user experience while maintaining strong security. * **LDAP with MFA**: When LDAP (Lightweight Directory Access Protocol) is combined with MFA, it adds an extra layer of authentication for critical systems. This ensures that even when accessing sensitive applications like CRM (Customer Relationship Management), HR, finance platforms, cloud services, or customer databases, users must provide additional verification beyond just their initial login. This significantly reduces the risk of unauthorized access to sensitive company data. #### Corporate Wi-Fi Networks MFA can be used to authenticate employees or devices when they connect to secure corporate Wi-Fi networks. Restricting Wi-Fi access to only authorized users is important because this access can be used to move into other network parts. #### Email and Communication Systems Adding MFA to email and other communication systems helps prevent unauthorized access to corporate communication channels. These tools are widely used to share and store sensitive information, so ensuring that only authorized users can access them is critical to an organization's security posture. #### Remote Access through Virtual Private Networks MFA is vital for the secure deployment and use of [VPNs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-remote-access-vpn?ts=markdown). Deploying MFA allows administrators to harden VPNs with identifying verifications to ensure safe access. #### Privileged Account Management MFA helps [secure access to privileged accounts](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown). Though restricted to system administrators or executives, these accounts are often targets for compromise because they have higher access and control over company resources. #### Securing Software Development Environments Organizations with internal development teams must have strict access controls to protect these valuable assets. MFA restricts authorized personnel's access to development environments, source code repositories, and [CI/CD pipelines](https://www.paloaltonetworks.com/cyberpedia/what-is-the-ci-cd-pipeline-and-ci-cd-security?ts=markdown). ## MFA Examples and Methods FAQs ### What are the best practices to ensure MFA adoption across various industries and use cases? It is imperative to provide a positive user experience to ensure the optimal efficacy of multi-factor authentication. MFA systems should be designed to provide security without impeding user experience. Several ways to achieve this are: * Design MFA processes that work well on traditional systems and mobile devices. * Ensure that users understand how to set up and use MFA features. * Give users the ability to create trusted devices. * Implement MFA in conjunction with single sign-on (SSO). * Implement adaptive or risk-based authentication, which requires additional authentication factors when detecting suspicious activity. * Offer several MFA options, such as SMS, email, authenticator apps, and biometrics. * Use seamless authentication methods that require minimal user interaction, such as passwordless options based on FIDO2, push notifications, and biometrics. ### What are 3 reasons multi-factor authentication should be used? There are three prominent cross-industry use cases for multi-factor authentication. MFA is a must-have for most organizations because: 1. It provides an extra layer of protection against security's many weaknesses, such as compromised login credentials and phishing attempts. 2. To ensure regulatory compliance, MFA meets the requirements that industries and governments must adhere to. 3. It increases trust in the organization across employees, customers, partners, and other users. ### What is an example of 3FA authentication? An example of 3FA (three-factor authentication) is logging into a bank account using credentials, inputting a code received via SMS, and then performing a fingerprint scan to gain access. ### What is the difference between MFA and two-factor authentication? 2FA is a subset of MFA and typically involves two authentication factors: something the user knows (like a password) and something the user has (such as a security token or a mobile device receiving a code). MFA, on the other hand, expands on this concept by incorporating two or more factors, which could include what the user knows, what the user has, or what the user is (like a fingerprint). This additional layer in MFA significantly heightens security by minimizing the risk of unauthorized access, especially in environments where highly sensitive data is managed. ### How do I identify the most effective MFA Method? Choosing an effective Multi-Factor Authentication (MFA) method relies on an organization's security needs, potential threats, and user convenience. A balance between security and usability is essential. Organizations should perform a thorough risk assessment and user testing to identify the best MFA strategy that aligns with security policies and operations. Additionally, staying updated on new technologies and emerging cyber threats helps keep the selected MFA method adequate and relevant. Related Content [What is Multi-Factor Authentication? Dig into the details of MFA to understand why it is a crucial line of defense for keeping threat actors at bay.](https://www.paloaltonetworks.com/cyberpedia/what-is-multi-factor-authentication?ts=markdown) [Cortex XSIAM AI-Driven SecOps Platform Purpose-Built for SOC Transformation](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) [Cortex XSIAM At-a-Glance Cortex XSIAM is Palo Alto Networks' AI-powered security operations platform that combines SIEM, SOAR, and advanced threat detection capabilities to automate threat detection, inves...](https://www.paloaltonetworks.com/resources/datasheets/cortex-xsiam-aag?ts=markdown) [XSIAM Infographic Explore the Future of Cybersecurity with Cortex XSIAM - Palo Alto Networks' AI-Driven Security Operations Platform.](https://www.paloaltonetworks.com/resources/infographics/xsiam-infographic?ts=markdown) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20are%20MFA%20Examples%20and%20Methods%3F&body=Gain%20awareness%20of%20multi-factor%20authentication%20examples%20crucial%20for%20enhancing%20security%20measures%20and%20preventing%20unauthorized%20access%20to%20sensitive%20information.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-are-multi-factor-authentication-mfa-examples-and-methods) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/what-is-least-privilege-access?ts=markdown) What Is Least Privilege Access? [Next](https://www.paloaltonetworks.com/cyberpedia/what-is-identity-and-access-management?ts=markdown) What Is Identity and Access Management (IAM)? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language