Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

The evolution of MFA security tokens


Smartphone token authentication

Source:  Thinkstock

Even older than the Web itself, multifactor authentication (MFA) takes something that only you possess (e.g., a fingerprint, voice print, key fob or piece of software on a smartphone, as illustrated) and combines it with the usual username/password login dialog to prove that you really are legitimately you. The goal of MFA is to strengthen login credentials to keep the bad guys from freely roaming around your network or stealing confidential information; security token authentication can help achieve that goal.

So, for example, in addition to entering a password to access company resources, a user may be required to press a button on a key fob with an LCD screen. The key fob would then generate a unique sequence of numbers for 30 seconds. When he or she enters those numbers as a second factor after his or her password -- the multifactor in "multifactor authentication" -- the sequence is checked against a server on the organization's network to verify authenticity.

If the entered sequence matches, the user is allowed access. If not, he or she must generate a whole new passcode by pressing the button on the key fob again.

Organizations that are in the process of deciding whether or not to deploy MFA technology should become familiar with the criteria for evaluating and buying multifactor authentication products. This will help them determine which deployment method and second factors will work best for their needs. Then it would behoove these enterprises to bone up on the leading MFA vendors in the market today to see how their top-tier multifactor products compare to one another.

View All Photo Stories

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

MFA authentication via smart phones is a little helpful in this process.  I still feel its not a silver bullet, it will work for some situations, but the reality is that because of the way malware tends to work, that there will always be issues.  This helps avoid the problem, and reduce its scale if it happens, but only to a degree I believe.








  • CIO Trends #6: Nordics

    In this e-guide, read how the High North and Baltic Sea collaboration is about to undergo a serious and redefining makeover to ...

  • CIO Trends #6: Middle East

    In this e-guide we look at the role of information technology as the Arabian Gulf commits billions of dollars to building more ...

  • CIO Trends #6: Benelux

    In this e-guide, read about the Netherlands' coalition government's four year plan which includes the term 'cyber' no fewer than ...