Monday, November 1, 2010

The Benefits of Multi-Factor Authentication

Multi-factor authentication has been around for a while now, but has gained popularity dramatically in recent years. Multi-factor authentication is the use of multiple methods of authentication to access specific data on a network or website.

With so many ways to capture a user's password, multi-factor authentication secures data with more than just a single username and password. If that username and password are compromised, the attacker will still need additional information to access the confidential data or website. Multi-factor authentication doesn't necessarily mean just adding another username and password prompt. It can be a security question or code request as well. For example, once a user logs in with their username and password, the website also asks for the mother's maiden name they entered when originally setting up their account. This additional prompt can hinder an attacker's attempt to access the account: even if they already know the username and password, they will also need to know the user's mother's maiden name.

To add further security to multi-factor authentication, one-time passwords may be added to the mix. A one-time password policy uses a token or other method that generates a new password every minute or so, and only the server knows what the password is at that minute. The user then uses the password shown on the token as a second authentication method. After the user uses that password, it is reset and never used again. This is a very secure method that prevents many types of intrusion. If an attacker were able to capture the hash from the authentication transaction, by the time they finished decrypting it, the password would have changed to a different one.

Another technique for multi-factor authentication is the use of biometrics. Biometrics is the use of some type of scan of the user's body, such as a fingerprint or retina. Making the second factor something specific to that user adds a much deeper level of authentication that is much more secure. Adding a layer of security based on "what the user knows", "who the user is", or "what the user has" makes it hard for someone other than that user to access the data.

Multi-factor authentication is being used by more companies every day. It is especially popular online with websites. Compliance acts are another reason for its growing usage. Compliance acts such as Sarbanes-Oxley require financial institutions to utilize some sort of multi-factor authentication when offering online account access to their customers.

Expect multi-factor authentication to become the standard method of authentication in the future. Whether it is just an additional strong password policy, the use of a security question, or biometrics, additional security is a must when securing confidential data.
