two-factor authentication

According to proponents, two-factor authentication could drastically reduce the incidence of online identity theft, phishing expeditions, and other online fraud, because the victim's password would no longer be enough to give a thief access to their information. Opponents argue (among other things) that, should a thief have access to your computer, he can boot up in safe mode, bypass the physical authentication processes, scan your system for all passwords and enter the data manually, thus -- at least in this situation -- making two-factor authentication no more secure than the use of a password alone.

Some security procedures now require three-factor authentication, which involves possession of a physical token and a password, used in conjunction with biometric data, such as fingerscanning or a voiceprint.

Read more about two-factor authentication: - SearchSecurity.com offers more information in their Featured Topic: Two-Factor Authentication.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

BROWSE BY TAG Security Token and Smart Card Technology,   Enterprise Identity and Access Management,   User Authentication Services,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Risk management must include physical-logical security convergence If your organization is serious about managing risk and total asset protection, then physical-logical convergence is a necessary step. RSA researcher Ari Juels: RFID tags may be easily hacked SearchSecurity.com caught up with Dr. Ari Juels and asked the well-known cryptographer about RFID security, cloud storage innovations and his new... Portable security storage device could replace OTP devices A new USB-like device, hardened with security features, could overtake one-time password devices and give end users flash memory to carry around...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary authentication server  (SearchSecurity.com) An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued) Chameleon Card  (SearchSecurity.com)