What is Multi-Factor Authentication?
Computers & Technology → Technology
- Author Mitchel Smith
- Published December 26, 2011
- Word count 1,097
Multi-Factor authentication, or sometimes called strong authentication, is an extension of two-factor authentication. Multi-factor authentication involves two or more factors whereas two factor authentication only involves exactly two factors. There are three basic "factors" in existing authentication methodologies. These "factors" would be something the user knows, something the user has and something the user is. An example of something the user knows is a password or a personal identification number (PIN). Something the user has would be an item like an ATM card, smart card or cellular phone. Something the user is would be a biometric characteristic such as a fingerprint or iris scan.
An example of multi-factor authentication is requiring that the user insert something the user has such as a smart card or using a cell phone (something the user has) and entering in a password (something the user knows). This multi-factor authentication can be taken a step further by adding a third factor such as requiring a valid fingerprint or iris scan (something the user is).
When you are sending your personal information over the internet or over a server, are you confident that these are so-called "secure" networks? Although internet fraud has reportedly dipped in 2010 consumers are still skeptical while doing anything online that involves their personal information. In fact, in 2009 online fraud doubled from the year before.
There was a time when email passwords could be any password you choose, but even now email providers require you to have minimum length keywords and they even rate your password strength. Security is an important concern for most people and as people have needs for stronger passwords, stronger authentication is developed to meet this demand. Passwords are becoming more complex and now require minimum lengths, have symbol requirements and have restrictions to help increase security among users, but that still isn’t enough.
Beyond creating more difficult passwords for someone to hack, crack or steal, there are even higher forms of security available. Multi-factor authentication is now being used by major corporations to protect your confidential information online or over their networks. Multi-factor authentication is the solution to data and identity breaches and is much more secure than just a simple one time password.
Two-Factor Authentication
With multi-factor authentication stealing a username and password is not enough. Usernames and passwords are only a single factor authentication method. In a two factor authentication system, the user provides a dual means of identification, one of which is typically a physical token such as a card or cell phone, and the other of which is typically something memorized, such as a security code. The security code is usually a one-time password sent through an SMS text message to your mobile phone, but sometimes two-factor authentication solutions provide proprietary devices that will produce an OTP for you.
Multi-Factor Authentication
Multifactor authentication uses a combination of two or three different ways to authenticate your identity. The first is usually a password (what you know), but can also include your response to a challenge question, known as knowledge based authentication. The second is what you have which could be a physical device such as a smart card or a hardware token that generates one time only passwords. The third is who you are, as indicated by a biometric such as a fingerprint or an iris scan. Almost ever factor approach uses a password, and then combines this with the second or third factor or both. Two-factor authentication is a multi-factor authentication, but not vice versa. With technology growing by leaps and bounds there are not only more ways of stealing your information, but more ways of combating it.
There are three independent factors to multi factor authentication: Something you know, something you have and something you are.
Something You Know
This is the traditional username and password system that we have been using for decades and still use today. This could also be your response to a challenge question, known as knowledge based authentication. With the possibility of being hacked or having your password stolen these days there had to be a more secure way of accessing confidential data. There is key logging software and other types of hardware devices to that have compromised the security of login credentials and personal logins like usernames and passwords.
Something You Have
Something you have consists of utilizing an outside network such as a mobile phone for SMS text messages or a proprietary token that creates one time passwords. Also, still used in some cases is a piece of paper that contains lists of passwords. Have you ever been sent a one-time password to access some sort of personal information such as online banking records or maybe an important account you were locked out of? That would be two-factor authentication through something you have.
Something You Are
Once you have your username, password and OTP there is only one thing left to identify you. With today’s technology we can now measure our biological differences. Since everyone is unique like a snowflake utilizing biometrics to obtain access to confidential information is the most secure form of identification. Measuring parts of your body like an iris scan, fingerprints or even the spacing between fingers a security system can now authenticate a user.
Many technology vendors claim to be offering "multi factor authentication solutions" are, in fact, providing single-factor authentication approaches. Most notable are these approaches of the challenge/response approach which is often paired with a shared secret image. These kind of approaches are not true multi factor authentication solutions and are not compliant with the U.S. Federal Financial Institutions Examination Council, which is the formal interagency of the United States government that is empowered to prescribe uniform principles, standards and reports forms for the federal examination of financial institutions.
A true multifactor authentication requires the use of solutions from two or more of the three categories of factors. Using multiple factors from the same category does not constitute multifactor authentication.
Maybe our society in this day and age is being paranoid, but it does not seem that way when everyone knows someone who has been affected by fraud. Trusting our personal data to a simple username and password is like protecting a pile of gold with a chain link fence. Using a one-time password, two-factor authentication, and multi-factor authentication is the standard for securing our personal information and data. Multi-factor authentication is the most effective way to authenticate a user and protect data as it is much harder to compromise combinations of something you know, something you have and something you are.
Mitchel Smith is a authentication security expert who has been in the industry of information technologies for over a decade. He provides authentication information about Two Factor Authentication and Multi Factor Authentication.
Article source: https://articlebiz.comRate article
Article comments
There are no posted comments.
Related articles
- How Collaborating with a Software Development Company Can Propel Your Business Forward
- GoPDF An Online PDF Editor Releases Mobiles Apps Compatible with iOS & Android: A Faster Solution for PDF Editing
- The Best AI Logo Generators in 2024
- Adapting to Rising Parcel Rates in 2024 with Business Central and Order Ship Express
- Zoviz Launches New Solutions Day by Day to Users as An AI Logo Maker
- Is Your Finance Strategy Ready for ERP Software?
- A Beginner's Guide to Starting a Career in Web3
- A Step-by-Step Guide to Easily Connecting Your Printer to WiFi
- Harnessing the Power of License Plating in Dynamics 365 Business Central
- Crypto Weekend: Hydra Being “Abandoned”, New Blockchain Games And Partnerships
- Crypto And Web3: Integration That Opens Up New Opportunities
- Top 10 Features You Didn't Know Existed in Product Configurators for Business Central
- Enhancing Test Case Reusability with Execution Recording
- The Ultimate Guide to Hiring ASP.NET Developers for Your Business
- INVESTIGATING THE NEW MACBOOK AIR M3: STOCKPILING AND SPEED EXPERIENCES
- How to Fix Sump Pump Drainage: A Complete Guide to Keep Your Basement Dry
- From Paper to Digital: Transforming QA with Dynamics 365 Business Central
- How AI Content Moderation Keeps Your Brand Afloat
- the best metal detector
- You’re probably not ready for AI. Guide to K-12 data collection.
- Elevate Your Business Central Experience with Free Barcoding Integration
- Choosing the Best SMS Gateway Provider: 5 Essential Features for Success
- Designing Easy to Use Software: Understanding the Basics of UX Testing in Quality Assurance
- The Link: Merging Brains and Computers
- Machine translation vs AI translation: What sets them apart?
- Navigating the Path to Data Excellence: A Guide to Choosing the Right Power BI Consultant with GTH Cloud 365
- The Future of AI: Exciting Times, Big Questions
- The Evolving Landscape of SEO in 2024: Navigating the Digital Frontier
- Customize Your Gaming Console To Optimize Your Gaming Experience
- Data Recovery Complications