What is Multifactor Authentication?

Jul 08 2015

Passwords are becoming more difficult at a time when more people are pushing data to the cloud both in their work and personal lives. As a result we are seeing multi-factor authentication, something that is quite common in the large enterprise space, becoming more available in personal online spaces. Multifactor authentication, by definition, is using two or more methods to verify who you claim to be. These methods fall into three classes: Biometric Authentication, Token Authentication, and Password authentication. mobile-fingerprint-security-770x513

Biometric Authentication – Things that you are

Biometrics for authentication is commonly said to identify you based on what you are. There are several methods used such as hand geometry, retinal scanning, iris scanning, and fingerprints to name a few. Within these there are varying degrees of cost and effectiveness.   For instance retinal scanning is very accurate as it uses the blood vessels in the back of your eye but is costly to implement; many enterprises opt for iris scanning instead which uses the striation pattern on the iris muscles of the eye.

Similarly, fingerprint technology has two major classes. The more expensive end is very effective in that it often uses not just the ridges on the finger prints, but also blood vessels under the skin, and the rate at which you slide your finger over the scanner. This both verifies that finger is a real living person, and adds a person’s individual movement patterns into the mix making it harder to copy. Less expensive fingerprint scanners involve no motion and are usually easy to thwart using techniques one might find in 80’s action shows.

Token Authentication – Things that you have

When people say token authentication they most often think of a little plastic keychain with numbers, but things you have that can be used to identify you can take many forms. In the past, spies sometimes used books for encryption. The method relied on both parties having the same book and in the code identifying a specific page in which the first word became the keying to deciphering the code. Similarly, many services like Microsoft and Google now employ a system whereby a text message is sent to the phone number only the user has and becomes a method of authentication. Google even makes a software library available that allows programmers and Linux system administrators the ability to use this method to enhance the security of their systems.

Password Authentication – Things that you know

Passwords authentication should be thought of as things you know. Sometimes this maybe answers to security questions, such as birthdays, best friends’ names, or even the continuation of a poetic phrase. Many people think of passwords in a restricted term, but it might be better to think of them as phrases (ex: MyDogLoves3CheesePizza!). These can be complex and yet easier to remember and more difficult to be hacked.

Contact us today if you would like more information on how to properly protect you and your company! 

Recent posts