two-factor authentication

According to proponents, two-factor authentication could drastically reduce the incidence of online identity theft, phishing expeditions, and other online fraud, because the victim's password would no longer be enough to give a thief access to their information. Opponents argue (among other things) that, should a thief have access to your computer, he can boot up in safe mode, bypass the physical authentication processes, scan your system for all passwords and enter the data manually, thus -- at least in this situation -- making two-factor authentication no more secure than the use of a password alone.

Some security procedures now require three-factor authentication, which involves possession of a physical token and a password, used in conjunction with biometric data, such as fingerscanning or a voiceprint.

Learn more about Security Token and Smart Card Technology

	Identity and Access Management Services, Systems and Technologies: This Security School explores critical topics related to helping security practitioners establish and maintain an effective identity and access management plan.
Exploring authentication methods: How to develop secure systems: Discover authentication options and learn how to implement, maintain and secure methods of authentication, such as biometrics and smartcards to avoid breaches and protect data.
Quiz: Next-generation authentication: A five-question quiz to test your knowledge of the content presented by expert Mark Diodati in this lesson of SearchSecurity.com's Identity and Access Management Security School.
	Future authentication technologies: How to choose the right product: In this Identity and Access Management Security School lesson, Burton Group's Mark Diodati explores innovative and cost-effective user-based authentication technologies.
Spy vs. Spy: Excerpt from Chapter 6 of Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day.
Lesson/Domain 2 -- Security School: Training for CISSP Certification: SearchSecurity.com Security School webcasts are focused on CISSP training. Each lesson corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge."
Authenticating users: User authentication is critcal to ensure proper authorization and access to systems and services. Peruse these resources on two-factor and Web services authentication, and more.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - SearchSecurity.com offers more information in their Featured Topic: Two-Factor Authentication.

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT First Data, RSA push tokenization for payment processing The encryption-token service could compete against vendors offering format preserving encryption to secure payment transactions. How to log in to multiple servers with federated single sign-on (SSO) Single sign-on is a rapidly evolving technology that, when partnered with federation tools, can offer a greater and greater level of granularity for... Best Authentication Products Readers vote on the best digital identity verification products, services, and management systems, including PKI, hardware and software tokens, smart...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary authentication server  (SearchSecurity.com) An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued) Chameleon Card  (SearchSecurity.com)