March 22, 2019

The 3 Types of Multi-Factor Authentication

 

Did you know that more than 80% of cyber attacks involve the use of passwords that are either too weak or stolen from the user? With Single Sign-On (SSO), obtaining one password can unlock all of your business's secrets. That's why you need multi-factor authentication.

What is multi-factor authentication? It is a security system that uses multiple factors to verify the user's identity before permitting login.

There are three types of authentication required for multi-factor authentication. Some systems use just two (called two-factor authentication), but others implement all three. Read on to learn about these three types of authentication and how they're used to create a more secure system.

Types of Authentication: Knowledge

The first of these types of authentication is something you know, and it's based on something you have to remember. Examples are passwords, PIN numbers, and combination codes. Usernames or email addresses don't count because they're easy to gain access to even if you aren't the user.

Most SSO systems just use this type of authentication. Again, this is weak from a security standpoint. For this reason, we think that password will soon become extinct.

Types of Authentication: Possession

The second of these types of authentication is something you have and refers to physical objects. Examples are single-use password tokens, ID cards, USB drives, smartphones, and keys. 

Most businesses that use two-factor authentication use this as their second access method. When someone attempts to log in, a password is sent to the user's cell phone with the token needed to log in. Obviously, if you don't possess the phone, you won't be able to log in.

There are two types of tokens. A token can be generated that only expires once it is used. This is referred to as an HMAC-based One Time Password, or HOTP. 

A token can also be generated that expires after a certain amount of time. This is referred to as a time-based one-time password, or TOTP. 

Types of Authentication: Inheritance

The last of these types of authentication is something that you are, meaning your biological properties. It's also known as biometrics. This can include fingerprints, retina scans, facial recognition, or voice verification.

These are typically used in government facilities or high-tech offices. As the technology becomes cheaper, it will probably see a lot more implementation. Of course, biometrics has its own set of problems, so it's best to still use one or more factors along with it. 

Contact Us Today to Implement Multi-Factor Authentication 

Since passwords aren't great for security, you can see the benefit adding in multiple types of authentication can bring. However, be sure that you don't require too many authentication factors, or you'll never be able to figure out how to log into your own system!

Don't be like the 72% of Americans that don't use multi-factor authentication!

Contact Acceptto today to find out how we can help keep your business secure. We'll implement better security for you in a quick and easy way.

identity authentication type of authentication