Multifactor Authentication Examples

B.

Multifactor authentication (MFA) is a security system that requires two or more forms of authentication before granting access to a resource, system or application. These forms of authentication can be classified into three categories: something you know (e.g., a password), something you have (e.g., a physical token), and something you are (e.g., a biometric feature).

Out of the given options, option B is an example of multifactor authentication. An SMS message sent to a phone is something you have, while an access PIN is something you know. By requiring both of these factors, this authentication method is more secure than relying on a single factor.

Option A is an example of a password policy that requires complexity but does not constitute multifactor authentication. Complexity requirements help ensure that a password is difficult to guess, but it only constitutes a single factor (something you know).

Option C is an example of a single-factor authentication with additional security measures. Encryption of cached password information provides an extra layer of protection for the password, but it is still a single factor. The challenge question is also a single factor, and it is not recommended as a security measure as the answers can often be easily found on social media.

Option D is an example of a password policy that requires periodic changes, but it does not constitute multifactor authentication. A password that expires after a certain period of time is a good security measure, but it is still only a single factor. The PIN is also something you know, so this is also a single factor authentication.

In summary, only option B is an example of multifactor authentication as it requires two separate factors before granting access.