two-factor authentication

According to proponents, two-factor authentication could drastically reduce the incidence of online identity theft, phishing expeditions, and other online fraud, because the victim's password would no longer be enough to give a thief access to their information. Opponents argue (among other things) that, should a thief have access to your computer, he can boot up in safe mode, bypass the physical authentication processes, scan your system for all passwords and enter the data manually, thus -- at least in this situation -- making two-factor authentication no more secure than the use of a password alone.

Some security procedures now require three-factor authentication, which involves possession of a physical token and a password, used in conjunction with biometric data, such as fingerscanning or a voiceprint.

Learn more about Security Token and Smart Card Technology

	Identity and Access Management Services, Systems and Technologies: This Security School explores critical topics related to helping security practitioners establish and maintain an effective identity and access management plan.
Exploring authentication methods: How to develop secure systems: Discover authentication options and learn how to implement, maintain and secure methods of authentication, such as biometrics and smartcards to avoid breaches and protect data.
Quiz: Next-generation authentication: A five-question quiz to test your knowledge of the content presented by expert Mark Diodati in this lesson of SearchSecurity.com's Identity and Access Management Security School.
	Future authentication technologies: How to choose the right product: In this Identity and Access Management Security School lesson, Burton Group's Mark Diodati explores innovative and cost-effective user-based authentication technologies.
Spy vs. Spy: Excerpt from Chapter 6 of Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day.
Lesson/Domain 2 -- Security School: Training for CISSP Certification: SearchSecurity.com Security School webcasts are focused on CISSP training. Each lesson corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge."
Authenticating users: User authentication is critcal to ensure proper authorization and access to systems and services. Peruse these resources on two-factor and Web services authentication, and more.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - SearchSecurity.com offers more information in their Featured Topic: Two-Factor Authentication.

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT The pros and cons of implementing smart cards Most infosec pros agree that smart cards create a higher level of enterprise security than passwords alone. Learn how to weigh the pros and cons of... First Data, RSA push tokenization for payment processing The encryption-token service could compete against vendors offering format preserving encryption to secure payment transactions. How to log in to multiple servers with federated single sign-on (SSO) Single sign-on is a rapidly evolving technology that, when partnered with federation tools, can offer a greater and greater level of granularity for...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary authentication server  (SearchSecurity.com) An authentication server is an application that facilitates authentication of an entity that attempts to access a network...(Continued) Chameleon Card  (SearchSecurity.com)