This presentation is part of the Authentication Overview Self-Study Course.
Two-factor authentication overcomes the weakness of passwords. There are three universally recognized factors for authenticating individuals:
- 'Something you know', such as a secret password or PIN
- 'Something you have', such as a mobile phone, credit card or hardware security token
- 'Something you are', such as a fingerprint, a retinal scan, or other biometric characteristic
Two-factor authentication requires at least two of the authentication form factors mentioned above (typically the first two). This makes it much more secure than traditional password authentication, which requires only one authentication factor (such as knowledge of a password) in order to gain access to a system.
Deployment of two-factor authentication devices, such as smart cards and hardware tokens, appears to be increasing. More and more organizations are adding a layer of security to the desktop that requires users to physically possess a token, plus have knowledge of a PIN or password in order to access company data.