Authentication is the process of identifying an individual, usually based on user name and password
Authentication is distinct from authorization, which is the process of giving individuals access to system objects (programs, data, etc.) based on their identity
Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual
What’s a Factor?
An authentication factor is an independent category of credential used for identity verification.
The three most common categories are described as:
- something you know (password)
- something you have (token)
- something you are (biometric)
Multi-factor authentication (MFA) involves two or more independent credentials for more secure transactions; for systems with more demanding security requirements, location and time are sometimes added as fourth and fifth factors.
Why Use It?
Passwords on their own are no longer secure; most can be broken by “brute force” or “dictionary” attacks in less than a minute
Using multi-factor authentication adds an additional layer of security
The more factors added, the more secure the process becomes
Single-factor authentication is based on only one category of identifying credential
The most common SFA method is the familiar user name and password combination
Two-factor authentication is based on a combination of two categories of identifying credential – the most common two-factor method is the familiar bank ATM card: the PIN (something you know) and the bank card (something you have)
For any system or network that contains sensitive data, it’s advisable to add additional authentication factors.
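The following sketch is an added example, not part of the original text. It counts factors the way the definitions above do: by distinct category, not by number of credentials, so a password plus a security question is still single-factor. The credential type names and the `meets_policy` helper are hypothetical.

```python
from enum import Enum


class Factor(Enum):
    KNOWLEDGE = "something you know"
    POSSESSION = "something you have"
    INHERENCE = "something you are"
    LOCATION = "location"
    TIME = "time"


# Hypothetical mapping of credential types to factor categories (assumed names).
CREDENTIAL_CATEGORY = {
    "password": Factor.KNOWLEDGE,
    "pin": Factor.KNOWLEDGE,
    "security_question": Factor.KNOWLEDGE,
    "bank_card": Factor.POSSESSION,
    "hardware_token": Factor.POSSESSION,
    "fingerprint": Factor.INHERENCE,
    "office_network": Factor.LOCATION,
    "business_hours": Factor.TIME,
}


def verified_factors(credentials):
    """Return the set of distinct factor categories among verified credentials.

    `credentials` is a list of (credential_type, verified) pairs. Unknown
    types raise ValueError so a typo cannot silently count as a factor.
    """
    factors = set()
    for cred_type, verified in credentials:
        if cred_type not in CREDENTIAL_CATEGORY:
            raise ValueError(f"unknown credential type: {cred_type}")
        if verified:  # a presented but failed credential adds nothing
            factors.add(CREDENTIAL_CATEGORY[cred_type])
    return factors


def meets_policy(credentials, required_factors):
    """True when at least `required_factors` independent categories verified."""
    return len(verified_factors(credentials)) >= required_factors


# Constructed sample logins.
password_plus_question = [("password", True), ("security_question", True)]
atm_withdrawal = [("pin", True), ("bank_card", True)]
```

A system holding sensitive data would call `meets_policy(..., 2)` or higher; `password_plus_question` fails that check while `atm_withdrawal` passes.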
Who Uses It?
Twitter’s got it.
Apple’s got it, too.
Google, Microsoft, PayPal, Facebook, eBay and Amazon have had it for a while