Two-factor Authentication

From Computing and Software Wiki

Revision as of 00:25, 9 April 2008 by 24.36.228.133 (Talk)
Two-factor Authentication

Two-factor authentication, also known as strong authentication, is an approach that uses two different methods of authentication to verify a person's identity. It provides better verification than any single-factor authentication method on its own.

Authentication

Authentication is a recent verification of a principal (source). A principal is someone connected to and participating on the network (source). There are three main methods of authenticating a principal, known as human authentication factors.

What the user has

This can be something like a magnetic ID card or a driver's license that only that user owns.

What the user knows

This is a piece of information that only the specific user being authenticated will know. For example, this can include their PIN number, a user name and password or a random number.

What the user is

The focus of this is on biometrics, such as genetics, retinal scanning, or fingerprint identification.

Two-factor Authentication

The definition of two-factor authentication needs further clarification. Using two factors means that two of the three methods above must be used. It does not mean that one method can be used many times (two factor pdf). For instance, a system that asks for 3 passwords does not qualify as two-factor, or 'strong', authentication.

     Whenever only one factor is used, regardless of the number of times it is used, it is considered 'weak' authentication.
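
The rule above can be checked mechanically by counting distinct factor categories rather than login steps. The following is an added example, not part of the original wiki page; the authenticator type names, the mapping, the sample flows and the "none" result for zero verified factors are assumptions made for illustration.

```python
from enum import Enum

class Factor(Enum):
    HAS = "what the user has"
    KNOWS = "what the user knows"
    IS = "what the user is"

# Assumed mapping of authenticator types to the three factors above.
# The type names are hypothetical, not taken from any real product.
FACTOR_OF = {
    "password": Factor.KNOWS,
    "pin": Factor.KNOWS,
    "security_question": Factor.KNOWS,
    "magnetic_id_card": Factor.HAS,
    "drivers_license": Factor.HAS,
    "fingerprint": Factor.IS,
    "retinal_scan": Factor.IS,
}

def verified_factors(steps):
    """Return the set of distinct factors proven by successful steps.

    steps is an iterable of (authenticator_type, verified) pairs.
    An unclassified type raises ValueError (fail closed).
    """
    factors = set()
    for kind, verified in steps:
        if kind not in FACTOR_OF:
            raise ValueError(f"unclassified authenticator: {kind!r}")
        if verified:
            factors.add(FACTOR_OF[kind])
    return factors

def strength(steps):
    """'strong' for two or more distinct factors, 'weak' for one, 'none' for zero."""
    n = len(verified_factors(steps))
    return "strong" if n >= 2 else "weak" if n == 1 else "none"

# Constructed sample login flows.
FLOWS = {
    "three_passwords": [("password", True)] * 3,
    "password_plus_pin": [("password", True), ("pin", True)],
    "card_plus_pin": [("magnetic_id_card", True), ("pin", True)],
    "card_failed_plus_pin": [("magnetic_id_card", False), ("pin", True)],
}

if __name__ == "__main__":
    for name, steps in FLOWS.items():
        print(f"{name}: {strength(steps)}")
```

Only steps that actually verified are counted, so a flow that offers a card reader but accepts the login when the card check fails is still rated 'weak'.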