Multi-factor authentication is the process in which we expand on the traditional requirements that exist in a single factor authentication like a password.To accomplish this, multi-factor authentication will use another item for authentication in addition to or in place of the traditional password.
Four possible types of factors
Following are four possible types of factors that can be used for multi-factor authentication.
A password or a PIN can be defined as a something you know factor.
A token or Smart Card can be defined as a something you have factor.
A thumbprint, retina, hand, or other biometrically identifiable item can be defined as a something you are factor.
- Voice or handwriting analysis can be used as a something you do factor.
For example, most password-based single authentication methods use a password. In multi-factor authentication methods, you might substitute the “something you know” factor with a “something you have” factor or a “something you are” factor.
A smart card or token device can be a “something you have” factor. Multi-factor authentication can be extended, if desired, to include such things as handwriting recognition or voice recognition.The benefit of multi-factor authentication is that it requires more steps for the process to occur, thus adding another check- point to the process, and therefore stronger security. For instance, when withdrawing money from the bank with a debit card (“something you have”) you also have to have the PIN number (“something you know”).This can be a disadvantage if the number of steps required to achieve authentication becomes onerous to the users and they no longer use the process or they attempt to bypass the necessary steps for authentication.
To summarize, multi-factor authentication is more secure than other methods because it adds steps that increase the layers of security. However, this must be balanced against the degree to which it inconveniences the user, since this may lead to improper use of the process.
Published on Wed 02 March 2011 by Derek Packard in Security with tag(s): authentication