25 May 2006

Two-factor Authentication

"Two-factor authentication (T-FA) is any authentication protocol that requires two independent ways to establish identity and privileges. This contrasts with traditional password authentication, which requires only one factor (knowledge of a password) in order to gain access to a system. Common implementations of two-factor authentication use 'something you know' as one of the two factors, and use either 'something you have' or 'something you are' as the other factor. A common example of T-FA is a bank card (credit card, debit card); the card itself is the physical item, and the personal identification number (PIN) is the data that goes with it.", Wikipedia

The point is that if you rely on passwords only (something you know), then anyone who gets the password can access the protected resources. What T-FA does is add another layer of security: OK, you can know my password, but you also have to get a fingerprint similar to mine.

The three most commonly recognized factors are:
  • 'Something you know', such as a password or PIN
  • 'Something you have', such as a credit card or hardware token
  • 'Something you are', such as a fingerprint, a retinal pattern, or other biometric.
