Two-factor Authentication
From Computing and Software Wiki
Revision as of 00:25, 9 April 2008
Two-factor authentication, also known as strong authentication, uses two different methods of authentication to verify a person's identity. It provides better verification than any single-factor authentication method on its own.
Authentication
Authentication is a recent verification of a principal (source). A principal is someone connected to and participating on the network (source). There are three main methods of authenticating a principal, known as human authentication factors.
What the user has
This can be something like a magnetic ID card or a driver's license that only that user owns.
What the user knows
This is a piece of information that only the specific user being authenticated will know. For example, this can include their PIN, a user name and password, or a random number.
What the user is
The focus of this is on biometrics, such as genetics, retinal scanning, or fingerprint identification.
Two-factor Authentication
The definition of two-factor authentication must be further clarified. Using two factors means that two out of the three methods above must be used. It does not mean that one method can be used many times (two factor pdf). For instance, a system that asks for 3 passwords does not qualify as two-factor, or 'strong', authentication.
Whenever only one factor is used, regardless of the number of times it is used, it is considered 'weak' authentication.
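The rule above can be checked mechanically by counting distinct factors rather than distinct credentials. The following is an added example, not part of the original wiki page; the credential-type names, the function names and the "none" result for a login with no passing check are assumptions made for illustration.

```python
from enum import Enum


class Factor(Enum):
    HAS = "what the user has"
    KNOWS = "what the user knows"
    IS = "what the user is"


# Credential-type names are assumptions for this example, based on the
# article's own examples of each factor.
FACTOR_OF = {
    "magnetic_id_card": Factor.HAS,
    "drivers_license": Factor.HAS,
    "pin": Factor.KNOWS,
    "password": Factor.KNOWS,
    "random_number": Factor.KNOWS,
    "retinal_scan": Factor.IS,
    "fingerprint": Factor.IS,
}


def verified_factors(checks):
    """Return the set of distinct factors among the checks that passed.

    `checks` is a list of (credential_type, passed) pairs. A failed check
    contributes nothing, and an unclassified credential type is an error
    rather than being silently counted.
    """
    factors = set()
    for credential_type, passed in checks:
        if credential_type not in FACTOR_OF:
            raise ValueError(f"unclassified credential type: {credential_type}")
        if passed:
            factors.add(FACTOR_OF[credential_type])
    return factors


def authentication_strength(checks):
    """'strong' needs two different factors; repeats of one factor stay 'weak'."""
    count = len(verified_factors(checks))
    if count == 0:
        return "none"  # assumption: nothing verified at all
    return "strong" if count >= 2 else "weak"


# Constructed sample logins.
THREE_PASSWORDS = [("password", True)] * 3
CARD_AND_PIN = [("magnetic_id_card", True), ("pin", True)]
CARD_AND_FAILED_PIN = [("magnetic_id_card", True), ("pin", False)]
```

Because the result depends on the set of factors, three passwords collapse to a single factor and rate as weak, while a card plus a PIN rates as strong only when both checks pass.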