Two-factor Authentication

From Computing and Software Wiki

Two-factor authentication, also known as strong authentication, is a method which uses two different methods of authentication in order to verify a person's identity. It provides better verification then any single-factor authentication method on its own.

Authentication

Authentication is a recent verification of a principal (source). A principal is someone connected to and participating on the network (source). There are three main methods of authenticating a principal, known as human authentication factors.

Human Authentication Factors

• What the user has

This can be something like a magnetic ID card or a drivers license that only that user owns.

• What the user knows

This is a piece of information that only the specific user being authenticated will know. For example, this can include their PIN number, a user name and password or a random number.

• What the user is

Consists mainly of biometrics, such as genetics, retinal scanning, or fingerprint identification.

Two-factor Authentication

The definition of two-factor authentication must be further clarified. Although it is also known as strong authentication, these are often not the same thing. This is because strong authentication does not always necessarily mean that two factors were used, just two different authentication requests. <p>When using two factors, it means that two out of the three of the above methods must be used. This does not mean that single method can be used more than one time (two factor pdf). For instance, when a system asks for 3 passwords, this does not qualify as two-factor authentication. However, this is technically strong authentication because it asks for 3 passwords.

<p> Weak authentication is defined as cryptographic authentication between previously unknown parties without relying on trusted third parties (source)