
Multi-factor authentication

In the security world, the techniques used for authentication (proving somebody's identity) are grouped into three types of factors.

  • Something you know (password, PIN, etc.) - something that you have memorized
  • Something you have (typically a card or some other hardware - like an ATM card, a smart card, a phone, etc.), and
  • Something you are (biometrics - like your fingerprints, a retina scan, voice recognition, etc.)

Each factor comes with its own pros and cons. Those that are really secure (like biometrics) are harder to manage, whereas those that are easy to manage (passwords, for example) are also the most difficult to remember and are easy targets for hacking techniques.

Multi-factor refers to an authentication process that includes at least two factors from the list above. For example, ATM cards work as two-factor authentication - you possess the card, AND you know its PIN. Software on your phone that is PIN protected could be considered two-factor - you have the phone, AND you know the PIN/password to use it or the particular software.

When configured correctly, multi-factor is more secure than single factor. With single factor, the bad guys need to get past only one credential or factor; with multi-factor, they have to steal two or more different factors. Imagine if your ATM card had no PIN: the moment you lose it and the bad guys get hold of it, all your money is gone. But since they do not know your PIN, even if they have your card, your money is safe.

Multi-factor need not be explicit like an ATM card and PIN. In the computer world, it can be implicit as well. Consider that your home has a particular IP address: we can generally say that any requests coming from that IP address genuinely originate from you. Thus, it may suffice to log in to sites with a password or PIN. What if you are accessing a service from outside your home? Since anyone (not just you) could access your service from outside your home, you may want a visible multi-factor there; one example is your possession of your phone, with a PIN or a password on top of it.
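The home-versus-outside rule described above can be written as a small login policy. This is an added example, not Seqrly's code: the credential names, the `login_decision` function and the `203.0.113.0/24` "home" network are assumptions made for illustration, and every credential passed in is assumed to have been verified already.

```python
import ipaddress

# Map each credential kind to one of the three factor types from the list above.
# The credential names are hypothetical labels chosen for this example.
FACTOR_OF = {
    "password": "know", "pin": "know",
    "card": "have", "phone": "have",
    "fingerprint": "are", "voice": "are",
}

# Constructed sample: a documentation-range network standing in for "your home".
TRUSTED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]


def distinct_factors(credentials):
    """Return the set of factor types covered by already-verified credentials."""
    unknown = [c for c in credentials if c not in FACTOR_OF]
    if unknown:
        raise ValueError(f"unknown credential kind: {unknown}")
    return {FACTOR_OF[c] for c in credentials}


def from_trusted_network(source_ip):
    """True if the connection's source address lies in a trusted network.

    source_ip must be the peer address of the connection itself, not a value
    the client can set (such as a forwarded-for header).
    """
    addr = ipaddress.ip_address(source_ip)
    return any(addr in net for net in TRUSTED_NETWORKS)


def login_decision(source_ip, credentials):
    """Return 'allow', 'step-up' or 'deny' for one login attempt."""
    factors = distinct_factors(credentials)
    if not factors:
        return "deny"        # nothing verified at all
    if len(factors) >= 2:
        return "allow"       # explicit multi-factor, e.g. phone + PIN
    if from_trusted_network(source_ip):
        return "allow"       # one factor plus the implicit home-network signal
    return "step-up"         # one factor type from outside: ask for another


if __name__ == "__main__":
    for ip, creds in [("203.0.113.7", ["password"]),
                      ("198.51.100.9", ["password", "pin"]),
                      ("198.51.100.9", ["phone", "pin"])]:
        print(ip, creds, "->", login_decision(ip, creds))
```

A password plus a PIN from outside the home network still yields `step-up`, because both belong to the same factor type.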

These techniques and protections make sense. Unfortunately, businesses you access over the internet do not provide them. As mentioned earlier, it is not their forte or core service. That is why Seqrly was created: we want to introduce such common-sense protection mechanisms to ordinary people, like you and me.


