Two-factor Authentication
From Computing and Software Wiki
| Line 1: | Line 1: | ||
| - | + | ||
Two-factor authentication, also known as strong authentication, is a method which uses two different methods of authentication in order to verify a person's identity. It provides better verification then any single-factor authentication method on its own. | Two-factor authentication, also known as strong authentication, is a method which uses two different methods of authentication in order to verify a person's identity. It provides better verification then any single-factor authentication method on its own. | ||
| Line 6: | Line 6: | ||
===Human Authentication Factors=== | ===Human Authentication Factors=== | ||
| - | What the user has | + | *What the user has |
| - | This can be something like a magnetic ID card or a drivers license that only that user owns. | + | <p>This can be something like a magnetic ID card or a drivers license that only that user owns. |
| - | What the user knows | + | *What the user knows |
This is a piece of information that only the specific user being authenticated will know. For example, this can include their PIN number, a user name and password or a random number. | This is a piece of information that only the specific user being authenticated will know. For example, this can include their PIN number, a user name and password or a random number. | ||
| - | What the user is | + | *What the user is |
Consists mainly of biometrics, such as genetics, retinal scanning, or fingerprint identification. | Consists mainly of biometrics, such as genetics, retinal scanning, or fingerprint identification. | ||
| - | ==Two-factor Authentication== | + | ===Two-factor Authentication=== |
| - | The definition of two-factor authentication must be further clarified. When using two factors, it means that two out of the three of the above methods must be used. This does ''not'' mean that | + | The definition of two-factor authentication must be further clarified. Although it is also known as strong authentication, these are often not the same thing. This is because strong authentication does not always necessarily mean that two ''factors'' were used, just two different authentication requests. |
| - | + | <p>When using two factors, it means that two out of the three of the above methods must be used. This does ''not'' mean that single method can be used more than one time (two factor pdf). For instance, when a system asks for 3 passwords, this does ''not'' qualify as two-factor authentication. However, this ''is'' technically strong authentication because it asks for 3 passwords. | |
| + | <p> ''Weak authentication'' is defined as cryptographic authentication between previously unknown parties without relying on trusted third parties (source) | ||
Revision as of 02:03, 9 April 2008
Two-factor authentication, also known as strong authentication, is a method which uses two different methods of authentication in order to verify a person's identity. It provides better verification then any single-factor authentication method on its own.
Authentication
Authentication is a recent verification of a principal (source). A principal is someone connected to and participating on the network (source). There are three main methods of authenticating a principal, known as human authentication factors.
Human Authentication Factors
- What the user has
This can be something like a magnetic ID card or a drivers license that only that user owns.
- What the user knows
- What the user is
Two-factor Authentication
The definition of two-factor authentication must be further clarified. Although it is also known as strong authentication, these are often not the same thing. This is because strong authentication does not always necessarily mean that two factors were used, just two different authentication requests. <p>When using two factors, it means that two out of the three of the above methods must be used. This does not mean that single method can be used more than one time (two factor pdf). For instance, when a system asks for 3 passwords, this does not qualify as two-factor authentication. However, this is technically strong authentication because it asks for 3 passwords.
<p> Weak authentication is defined as cryptographic authentication between previously unknown parties without relying on trusted third parties (source)