Factors of Authentication
When we talk about the factors of authentication, we are referring to the way in which we prove that we are who we say we are. When using computer systems, we need to combine several factors that match in order to provide this proof. In order to access this course, you needed to provide your username and password. This authenticated you on the system and allowed you access to the course.
When we discuss factors of authentication, these can be divided into 3 separate types: something you are, something you know, and something you have.
When setting up multi-factor authentication, what we are doing is providing three or more pieces of information from any of the three types below. The best forms of authentication have something from all three types.
Something You Are
Something you are refers to an identification number or string of characters. Usually, this is your username, or for other areas such as bank accounts this would be a long identification number. The important thing to remember about something you are is that it is unique to you. It is for this reason that many systems use your email address as your username, as nobody else will have the same email address, which makes it easy to identify this as a unique piece of information.
Watch the video below for an introduction to the factors of authentication.
Something You Know
Something you know refers to your passwords and PINs (personal identification numbers). This also includes factors such as secret answers to questions that are used either in authentication or as an alternative when you have forgotten your password. Because passwords and secret answers are not unique to you but become unique when combined with your username, it is important that we keep them private.
We looked at creating strong passwords that are difficult to crack in the previous lesson. If you have not created your revision notes on developing strong passwords it would be useful to return to that lesson and complete that task now.
Something You Have
When we talk about something you have in terms of authentication, this is referring to physical items that allow us to add another layer of protection to our user accounts. Something you have may refer to biometrics, which use parts of our human body to identify us uniquely, such as fingerprints or retinal scans.
All forms of biometric scanning require an original scan to be taken, and then measurements are taken to create a unique pattern, such as the ridges on our fingerprints or the patterns on our retina, as these are almost completely unique to the individual. When we use them again to authenticate, a second scan is taken and the two scans are compared against each other; if they match within a small tolerance, then the user is authenticated.
Alternatives to biometrics may be physical items that generate unique passcodes. Older forms of this required you to have a specific passcode device that generated a unique code; however, in more recent years the generation of these codes has moved to smartphone apps, allowing us to use our mobile devices as an authentication device. Although this is much more user-friendly, it does create a security risk as our mobile phones contain far more data about us than ever.
Investigate the issues surrounding mobile phone hijacking and how this links to cheap multi-factor authentication. What can we do to prevent smartphones from causing a risk to our personal data? A link has been added below to get you started.