Double and multiple authentication factor
Posted: Wed Dec 18, 2024 3:44 am
Link to the article Double and multiple authentication factor
The use of passwords serves to authenticate the user in the identity verification process of any service that requires it. In this way, it is ensured that the user is really who he says he is and not an impostor. However, it is not the only mechanism available to identify a user. Let's look at the different options:
Systems based on something known by the user. The most commonly used is the password.
Systems based on something the user has. Typically, identity cards or coordinates are used, or a token (key generator) that can be physical or virtual.
System based on the user's physical characteristics. It can be a fingerprint, facial recognition or even voice activation.
The first option is the main one and the most widespread among most users. It has become a basic and everyday activity to create an account using a username and password, however, this process presents a series of vulnerabilities :
Related to the ability of users to create and remember long strings of cambodia phone number data characters, as well as multiple passwords at once.
Related to the techniques used by cybercriminals, which are increasingly more sophisticated and are able to obtain our passwords more easily.
What is two-factor or multi-factor authentication?
Double authentication , or two-step verification , is an additional layer of security that complements the use of a password. Its purpose is to ensure that the user not only knows the password to access the service, but is also who he claims to be by providing information during the login process, such as a code, about something that only he has. This information can be obtained in the following way:
Through a phone call or SMS sent by the service.
Using a physical or virtual smart card (token).
Using a biometric device .
Double and multiple authentication factor
As we said, in double verification processes, the first factor is usually a password that we know and that we have created ourselves, while the second factor is usually a random code generated by an authentication “token”, by an external device, by an app installed on our smartphone or computer, or by biometric verification.
The procedure is very simple:
We access the service login screen.
We enter our username and password (what we already know).
We are asked for authentication confirmation through a code that we receive in a token (what we have).
And finally, they can also ask us for a third factor through a biometric device, for example, our fingerprint (what we are).
The use of passwords serves to authenticate the user in the identity verification process of any service that requires it. In this way, it is ensured that the user is really who he says he is and not an impostor. However, it is not the only mechanism available to identify a user. Let's look at the different options:
Systems based on something known by the user. The most commonly used is the password.
Systems based on something the user has. Typically, identity cards or coordinates are used, or a token (key generator) that can be physical or virtual.
System based on the user's physical characteristics. It can be a fingerprint, facial recognition or even voice activation.
The first option is the main one and the most widespread among most users. It has become a basic and everyday activity to create an account using a username and password, however, this process presents a series of vulnerabilities :
Related to the ability of users to create and remember long strings of cambodia phone number data characters, as well as multiple passwords at once.
Related to the techniques used by cybercriminals, which are increasingly more sophisticated and are able to obtain our passwords more easily.
What is two-factor or multi-factor authentication?
Double authentication , or two-step verification , is an additional layer of security that complements the use of a password. Its purpose is to ensure that the user not only knows the password to access the service, but is also who he claims to be by providing information during the login process, such as a code, about something that only he has. This information can be obtained in the following way:
Through a phone call or SMS sent by the service.
Using a physical or virtual smart card (token).
Using a biometric device .
Double and multiple authentication factor
As we said, in double verification processes, the first factor is usually a password that we know and that we have created ourselves, while the second factor is usually a random code generated by an authentication “token”, by an external device, by an app installed on our smartphone or computer, or by biometric verification.
The procedure is very simple:
We access the service login screen.
We enter our username and password (what we already know).
We are asked for authentication confirmation through a code that we receive in a token (what we have).
And finally, they can also ask us for a third factor through a biometric device, for example, our fingerprint (what we are).