M1032ATT&CK 14.1

M1032Multi-factor Authentication

Description

Use two or more pieces of evidence to authenticate to a system; such as username and password in addition to a token from a physical smart card or token generator.

References

  1. https://attack.mitre.org/mitigations/M1032

Compliance frameworks requiring this (incoming)13

TypeTargetConfidenceTier
ComplianceControlnis2-art21g100%live
ComplianceControlnist_csf-pr100%live
ComplianceControlcis_v8-6100%live
ComplianceControlai_act-art9100%live
ComplianceControliso27001-a.8.26100%live
ComplianceControliso27001-a.8.5100%live
ComplianceControlpci_dss_v4-r8100%live
ComplianceControldora-art24100%live
ComplianceControlnis2-art21j100%live
ComplianceControlpci_dss_v4-r4100%live
ComplianceControlgdpr-art32100%live
ComplianceControliso27701-a.7.4.5100%live
ComplianceControldora-art14100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Technique
Multi-Factor Authentication Interception
Mitigation
Credential Access Protection
Defence
Token-based Authentication
Mitigation
User Training
Mitigation
Password Policies
Mitigation
Network Intrusion Prevention
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, Founder at SQUR.