Two-factor Authentication
From Computing and Software Wiki
Revision as of 00:48, 9 April 2008
Two-factor authentication, also known as strong authentication, uses two different methods of authentication to verify a person's identity. It provides better verification than any single-factor authentication method on its own.
Authentication
Authentication is a recent verification of a principal (source). A principal is someone connected to and participating on the network (source). There are three main methods of authenticating a principal, known as human authentication factors.
Human Authentication Factors
What the user has: This can be something like a magnetic ID card or a driver's license that only that user owns.
What the user knows: This is a piece of information that only the specific user being authenticated will know. For example, this can include their PIN, a user name and password, or a random number.
What the user is: This consists mainly of biometrics, such as genetics, retinal scanning, or fingerprint identification.
Two-factor Authentication
The definition of two-factor authentication must be further clarified. Using two factors means that two of the three methods above must be used. It does not mean that one method can be used many times (two factor pdf). For instance, a system that asks for 3 passwords does not qualify as two-factor, or 'strong', authentication.
Whenever only one factor is used, regardless of the number of times it is used, it is considered 'weak' authentication.
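The rule above can be expressed as a check that counts distinct factors rather than credentials. The following Python sketch is an added example, not part of the original wiki page. The credential labels, the function names and the 'none' result for a login with no successful check are assumptions made for illustration.

```python
from enum import Enum

class Factor(Enum):
    HAS = "what the user has"
    KNOWS = "what the user knows"
    IS = "what the user is"

# Credential kinds named on this page, mapped to their factor.
# The string labels are hypothetical, chosen for this example.
FACTOR_OF = {
    "id_card": Factor.HAS,
    "drivers_license": Factor.HAS,
    "pin": Factor.KNOWS,
    "password": Factor.KNOWS,
    "random_number": Factor.KNOWS,
    "retinal_scan": Factor.IS,
    "fingerprint": Factor.IS,
}

def verified_factors(attempts):
    """Return the distinct factors proven by (kind, verified) pairs."""
    proven = set()
    for kind, verified in attempts:
        if kind not in FACTOR_OF:
            # Refuse to guess which factor an unrecognised credential belongs to.
            raise ValueError(f"unknown credential kind: {kind!r}")
        if verified:  # a failed check proves nothing
            proven.add(FACTOR_OF[kind])
    return proven

def strength(attempts):
    """Classify a login as 'none', 'weak' or 'strong'."""
    count = len(verified_factors(attempts))
    if count == 0:
        return "none"  # assumption: the page does not name this case
    return "strong" if count >= 2 else "weak"

if __name__ == "__main__":
    # Constructed sample logins.
    samples = {
        "three knowledge checks": [("password", True), ("password", True), ("pin", True)],
        "card plus PIN": [("id_card", True), ("pin", True)],
        "card plus wrong PIN": [("id_card", True), ("pin", False)],
    }
    for name, attempts in samples.items():
        print(f"{name}: {strength(attempts)}")
```
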