Step-Up Authentication

KZero Staff
Oct 19, 2023

Step-up authentication is an authentication mechanism in which multiple forms of authentication are required to gain access to a specific resource, such as a network or an application. The two forms usually differ in nature: typically a credential-based method such as a username and password, combined with a more secure method such as a passcode or a biometric factor.

Some of the most common resources that are protected using step-up authentication include:

  • Online banking accounts
  • Email accounts
  • Social media accounts
  • Corporate networks
  • Cloud-based applications

The main objective of step-up authentication is to balance the needs of the user and the company against the level of security and risk, based on how important the protected resource is. As with other types of authentication, the balance to be found is ultimately between security and usability. Step-up authentication provides greater flexibility, so the authentication process can be tailored to specific needs.

Here are a couple of examples of how step-up authentication could be used:

  • An employee needs to access an email address using a personal computer but is required to log in using a VPN through the corporate network of the company
  • An individual wants to check banking information using an app on a personal smartphone but is required to authenticate before any funds can be transferred
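
The banking case above, written out as an added example (not KZero's code): a session that logged in with a password may view data, but a transfer triggers a step-up to a stronger factor, which must also be recent. The level names, the policy table, the action names and the 300-second freshness window are assumptions chosen for illustration.

```python
import time
from dataclasses import dataclass, field

# Assumed assurance levels (hypothetical, not defined by the article):
# PASSWORD = username/password, STRONG = passcode or biometric factor.
PASSWORD, STRONG = 1, 2

# Hypothetical policy: level each action needs, and how fresh it must be (seconds).
POLICY = {
    "view_balance":   {"level": PASSWORD, "max_age": None},
    "transfer_funds": {"level": STRONG,   "max_age": 300},
}

@dataclass
class Session:
    user: str
    factors: dict = field(default_factory=dict)  # level -> time it was verified

    def record(self, level, now=None):
        self.factors[level] = time.time() if now is None else now

def authorize(session, action, now=None):
    """Return 'allow', 'step_up' or 'deny' for the requested action."""
    now = time.time() if now is None else now
    rule = POLICY.get(action)
    if rule is None or PASSWORD not in session.factors:
        return "deny"          # unknown action or no base login: fail closed
    if rule["level"] == PASSWORD:
        return "allow"
    verified_at = session.factors.get(rule["level"])
    if verified_at is None:
        return "step_up"       # stronger factor never presented
    if rule["max_age"] is not None and now - verified_at > rule["max_age"]:
        return "step_up"       # stronger factor is stale, ask for it again
    return "allow"

def demo():
    """Constructed walk-through with fixed timestamps."""
    s, t0 = Session("alice"), 1_000_000.0
    s.record(PASSWORD, now=t0)
    out = [authorize(s, "view_balance", now=t0 + 10),
           authorize(s, "transfer_funds", now=t0 + 20)]
    s.record(STRONG, now=t0 + 30)           # user completes the step-up
    out.append(authorize(s, "transfer_funds", now=t0 + 40))
    out.append(authorize(s, "transfer_funds", now=t0 + 331))
    return out

if __name__ == "__main__":
    print(demo())
```

The last call returns a step-up again because the stronger factor is older than the freshness window, so a long-lived session cannot reuse one strong verification indefinitely.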