Authentication is the process of verifying the credentials presented by a user. Multi-factor authentication is a method of access control in which a user is only granted access after successfully presenting several separate pieces of evidence to an authentication mechanism.

Multi-factor authentication should realistically require all of the following (although many services typically only ask for two of the following:

  • Something ONLY I Know
  • Something ONLY I Am
  • Something ONLY I Have

Two-factor authentication (2FA) is a method of confirming a user’s identity by utilizing a combination of two different components. Two-factor authentication is a subset of multi-factor authentication.

Multiple factors are mostly used when managing access to sites where security is paramount e.g. bank accounts, whereby temporary one time passwords are issued via an App or SMS text, as well as more traditional methods e.g. using a physical card reader to generate a unique code.

More and more applications are now facilitating multi factor authentication with a step up mechanism which only gets triggered in certain instances e.g. if accessing from a new / overseas IP address.

Key Recommendations

All Articles

Fido authentication: why you should care

The current best-practice advice for passwords is that you shouldn’t even know your password, and you should use a separate password for each of your online accounts. You can accomplish these goals today by using a cloud-based password management solution such as LastPass or 1Password to auto-generate pseudo-random passwords for each account.

Symbol-to-accept: the newest innovation in mobile-based authentication

We all know the saying, “You’re only as strong as your weakest link.” It can apply to cybersecurity in countless ways, which is one reason why designing a secure infrastructure requires expertise and the right tools. It only takes one employee to fall for a phishing scam, or one stolen set of credentials to potentially open the door to an attack. And it only takes one vulnerability in an otherwise great authentication workflow to do the same.

The move to multi factor authentication: are passwords past their prime?

Passwords remain a critical part of corporate security, but are vilified by IT experts as one of the weakest links in the defensive chain. That’s because users tend to pick common words and phrases to streamline the login process, opening the door for cybercriminals.

Universal second factor and OpenID Connect

Digital identity and authentication technologies are currently undergoing some major changes. Once the realm of centralized authorities like large enterprises and governments, new technologies are putting more power in the hands of end users in ways never before possible. Today’s technology stack is built on the lessons of the past, with an understanding of what works and what does not in the real world with real users.

Amazon selfie password: is this the feature?

Amazon’s “Selfie Authentication” allows the site’s customers to user facial recognition to authenticate themselves to the website in order to make a purchase. While not entirely unique, the recent announcement by the retail giant was huge because of its implication to users and to authentication.

Know of a resource that helps people secure their data? Submit it today