Evaluating the Effectiveness of Multi-Factor Authentication (MFA) Mechanisms in Mitigating Security Risks in Cloud Services

Abstract

ABSTRACT Multi-factor authentication (MFA) enhances the security of cloud resources by requiring multiple forms of verification, thus mitigating risks associated with single-factor authentication vulnerabilities. As organizations increasingly adopt cloud computing for its scalability and efficiency, the accompanying security vulnerabilities have prompted the need for robust authentication solutions. MFA enhances security by requiring multiple verification methods—such as knowledge-based factors (passwords), possession-based factors (smartphones or tokens), and inherent factors (biometrics)—before granting access to sensitive data and applications. SMS-based Multi Factor Authentication is about sending a one-time code via text message, which, despite its widespread use, is susceptible to interception. App-based Multi Factor Authentication generates Time-based One-Time Passwords (TOTPs), offers a higher level of security as it is less vulnerable to interception compared to Short Messaging Service. This relies on users having access to their mobile devices, as well as the app. Hardware token-based Multi Factor Authentication employs physical devices such as USB tokens or smart cards, provides robust protection by generating one-time codes or by using cryptographic methods that are difficult to replicate or intercept. This paper compares the effectiveness of various MFA techniques—specifically SMS-based, app-based, and hardware token-based methods—in protecting cloud resources.