We often use a combination of a username and password to authenticate ourselves. But this is not secure enough. We often hear about data breaches that result from using weak passwords or password reuse. We are also aware of malware like keyloggers that can steal users’ passwords. A feasible way to address that problem is to use Two-Factor Authentication.
What is Two-Factor Authentication?
We often use several pieces of information to prove our identity during authentication, information that no unauthorized person should know. These are called factors of authentication. For example, a password, a PIN, a security question, etc., are authentication factors.
There are mainly three types of factors that are commonly used for the purpose of authentication.
- Knowledge Factor
- Possession Factor
- Inherence Factor
Knowledge Factor
A knowledge factor refers to a piece of information that only the user knows. For example, a password or a PIN is considered to be a knowledge factor. A security question is also a knowledge factor, though it is considered to be a weak one, because an attacker can do enough research on the victim to find the information used.
Possession Factor
A possession factor refers to something that the user has. A hardware token used at the time of authentication can be considered to be a possession factor. Authentication using an ATM card is also a good example of a possession factor. Because no one can authenticate without physically holding the possession factor, authentication using it is considered to be quite secure. However, it may prove to be inconvenient at times, as the user always has to carry the possession factor in order to authenticate.
Inherence Factor
The inherence factor refers to an essential user characteristic. Authentication using biometrics like fingerprints, iris, or voice can be a good example of an inherence factor. This method of authentication is supposed to be quite secure.
Any authentication process that uses only one of the above factors is called single-factor authentication. Multifactor authentication uses more than one of the above factors. Two-factor authentication, or 2FA, is authentication using two of the above.