Saturday 25 August 2018

A look at User Authentication Factors (Part 1/2)

In 2016, Singapore introduced 2FA to SingPass authentication. It's been two years, and to my mortification most of the people I've met - techs included, oh my God - don't actually know what the term means beyond having to take an extra step (keying in a One-time Password, otherwise known as OTP) while logging in.

So yes, today we will take a look at what 2FA means in security. It's shorthand for "Two-factor Authentication".

Authentication Factors

During authentication, we make use of authentication factors. A factor could be a password, a thumbprint or a code phrase: something for the system to identify you by before allowing entry.

There are generally three types of authentication factors - Knowledge, Possession and Inherence.

Knowledge

This factor type is about what you know. It's something you memorize. In its most common form, it's a password or a PIN. If you've watched Mission: Impossible - Fallout recently, there's this sequence where Tom Cruise's character, Ethan Hunt, supplies a phrase to a fellow agent.

"I am the storm."


Agent: Fate whispers to the warrior.
Ethan Hunt: There's a storm coming.
Agent: And the warrior whispers back...
Ethan Hunt: I am the storm.


"There's a storm coming." and "I am the storm." are the passphrases, and they serve as useful examples of the Knowledge authentication factor type.

Possession

Possession isn't about exorcism in this context (heh heh) but it's something you have. Something you keep on your person, such as a mobile phone or a security token. Through it, the system can deliver a one-time password, which the user then enters to authenticate.

A typical RSA token.

Other examples of the Possession authentication factor type are an ATM card, an NRIC card and a credit card. Again, things you keep on your person.

Inherence

Don't be intimidated by this term - it basically means what you are. Things that are part of you, that we use in authentication. Like thumbprints, retina scans, facial recognition, voice recognition and so on. Biometrics.

Eye scan.

There's even something that scans the inner lining of your ear. It sounds weird as heck, but we live in strange times. Hey, if it works...

Next

Now that we've covered what the different authentication factor types are, let's take a look at how they make up an authentication system!
