Q

What is two-factor authentication?

In this Ask the Expert Q&A, our identity and access management expert explains what two-factor authentication is and how it protects you from hackers.

What is two-factor authentication and does it help protect you from hackers?
There are three factors in authentication: what you know, what you have and what you are.

What you know would be a traditional user ID and password. This is something that the user knows and carries around in their head.

What you have is a device the user possesses. Examples include smart cards, tokens or any other device they could carry around in their hand for access to a system.

What you are would be a physical characteristic of the user that, ideally, can't be modified, such as their fingerprint, face, retinal veins or voice. Authentication using what you are would obviously be biometrics systems.

Combining any two of these factors is two-factor authentication. Using only one, such as only a user ID and password, would be single-factor authentication.

How does two-factor authentication protect you from hackers? Well, each factor has its own unique weaknesses, but each vulnerability is different. An attacker can steal a password and token, but stolen tokens are not easily used. However, tokens can be defeated in other ways, such as by man-in-the-middle attacks, which are a whole different scenario. And biometrics are a different story altogether.

This means two-factor authentication offers a multi-layered approach to security. If one factor is broken one way, the second factor provides protection since it can't be broken the same way. For example, if a hacker steals a user ID and password, say, through a phishing site, if a token -- the second factor -- is also required to log on to the Web site, the attack is blocked. Two-factor authentication provides an extra layer of protection and security.


More Information

  • Learn more about two-factor authentication.
  • Understand your authentication options.
  • Learn hacking tools and tactics and what you can do to protect your network.

  • This was first published in September 2005

    Dig deeper on Biometric Technology

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close