What is an Authentication Method?
Authentication is a security mechanism that requires predetermined evidence (factor) before being granted authorization to a system. 2FA is consists of two different required authentication methods. MFA may require more than two factors of authentication before a user can access a system. The most common examples of authentication factors are passwords, PINs, hardware tokens, and biometrics.
There are five different types of authentication:
1) Knowledge-based factor – something you know.
This is the earliest type of authentication – the knowledge factor. The password is the most typical example. Knowledge factors are easy to propagate and use, in theory. But limitations of the password include people not wanting to use long ones (but better for security). Basically – passwords aren’t great for security. Other knowledge factors include:
- PIN (personal identification number)
- Swipe authentication
2) Possession-based factor – something you have.
Having something as a factor is significantly more secure than something everyone might know. Everyone can know a password, but only one person can have the key. Above all, the attack vector is significantly smaller. In conclusion, make sure to protect your possession factor vigilantly.
- Hardware security token
- Software token on your smartphone
- One-time password token
- NFC badge
- Chip implant with wireless signal
3) Inherent-based factor – something you are.
Something you are makes it harder for criminals to gain access to an account since they can’t just guess a weak password. But if someone were to steal your fingerprint, you can’t just make a new one like you can with passwords or physical tokens. After that, the compromised fingerprint will always be out there. In other words, your biometrics will be perpetually hacked!
- Fingerprint biometric scan
- Iris-based biometrics
- Facial biometric scan
- Vein biometric scan
- Voice biometric recognition
4) Location-based factor – somewhere you are.
Where you are is a new factor being used for stronger authentication. Therefore, using location, authentication solutions can analyze risk levels and challenge users for more security based on the situation. For instance, let’s say you logged in from New York, NY at 4:58 PM. But then an hour later, someone on the other side of the world logged in as the same user. Obviously, this is a red flag based on the location factor.
- IP address
- Local proximity detection
5) Behavioral-based factor – something you do.
New methods of authentication include something that must be done. Think of this like a secret handshake from when we were kids. But advanced versions of behavioral authentication are experimenting with using even brainwaves and heart rates to determine authenticity.
- Gaze-based authentication
- Handwriting speed and style
- Typing speed and style
- Physical movement dynamics
- Motion sensor detection
- Heart beat
- Brainwave readings