Patent attributes
An access management system is disclosed that can employ multi-factor authentication (MFA) using multiple types of authentication. In at least one embodiment, techniques may include implementing multi-factor authentication (MFA) including knowledge-based authentication (KBA). MFA may be based on multiple factors, such as “what you know” (e.g., a password or an answer to a question known by a user) and “what you have” (e.g., a trusted device registered for a user). In at least one embodiment, multiple devices (e.g., a desktop computer and a mobile device) may be utilized to provide for stronger authentication using a combination of what a user has. The combination of MFA based on what you know (e.g., KBA) and what you have (e.g., a trusted device) may further ensure authentication is not compromised. The techniques disclosed herein may provide for a stronger form of authentication to reduce, if not eliminate, possible vulnerabilities for access management.