True Multi-Factor Authentication Multi-Factor Authentication has become very normal these days for high secure websites. Definitely, a much better solution compared to just username and password combinations. But, in certain scenarios, MFA is not really MFA! First, let's look at the current state of the different MFA options available. 1) SMS / E-Mail / Authenticator based code / link. 2) Hardware tokens such as YubiKey! When I lose my mobile which has my SIM card, EMail application, Authenticator - MFA scenario 1 fails. But at least the attacker was not able to compromise my accounts until I lost my mobile phone or unless the hacker is a shadow in the vicinity. Similarly with hardware tokens. Here are some suggested alternate scenarios or possible future enhancements for the tech industry: 1) Voice-based speaker recognition 2) Facial recognition like Windows Hello and Mobile Phone unlock Now combining the above factors with traditional MFA can significantly help. For example, a