2FA is a front end form of authentication which can prevent users from gaining access to resources. The basic process involves issuing a special digital certificate to the user’s computer. When accessing a resource, the user is prompted to first select the digital certificate. After the certificate has been authenticated, then the user is prompted for their user name and password. Without the digital certificate, the user will never be asked to enter in their log-in credentials.
Can Users Be Issued More Than One 2FA Digital Certificate?
You can have more than one digital certificate for accessing different resources in a 2FA environment. For example, you could have one certificate which you use when you are connected at your office. When you are working remotely, you can have another certificate, which you use to connect with your VPN. You may even have a third certificate, for connecting to and logging onto cloud computing environments.