Stupid Question 74: What is two-factor authentication?
.
This came up as a dev asked on twitter why twitter doesn’t have a two-factor authentication. Since a Twitter account is used to login to quite a few apps it really should be more secure. ¨
The dev was not the only one curios about that, many joined the conversation, and I even found somebody who had asked this on Quora:
Twitter:Why doesn’t Twitter offer two-factor authentication?
But what is two-factor authentication anyway?
A two-factor authentication is a way to authenticate using two or more out of three authentication factors. The factors are considered to increase the likeliness that the user is indeed who he/she claims to be (proving identity). Using several versions of one factor is not considered true multifactor authentication (two-factor authentication). The three factors are:
A knowledge factor
– something the user knows
Examples: password, security questions, username/email address etc.
A possession factor
- something the user has
Examples: tokens (mini-device tokens), magnetic stripe cards, soft tokens (SSL certificate), mobile phone (sms, NFC, apps, signatures), smart cards
An inherence factor - something the user is
Examples: iris scan, fingerprint, voiceprintComments
Leave a comment below, or by email. HowardPhenryThank you for this. I've been swamped last few weeks, have read this over and over, just haven't had time to look into it. Thanks for bubbling the essence of this for us.
Last modified on 2012-11-04