Learning Guide

Exploring authentication methods: How to develop secure systems

At a time when identity theft is running rampant, it's crucial to have sound practices for user authentication, customer authentication and partner authentication. Are user names

Requires Free Membership to View

and passwords enough? Is two-factor authentication an effective tactic or useless in the face of emerging threats? This learning guide from SearchSecurity.com is a comprehensive resource that will help you understand today's authentication methods and challenges, and show you how to implement secure authentication systems. Send us an e-mail to let us know what other guides you'd like to see on SearchSecurity.com.

What is authentication?
Authentication involves determining whether a user is, in fact, who he or she claims to be. Authentication can be conducted through the use of logon passwords, single sign-on (SSO) systems, biometrics, digital certificates and a public key infrastructure (PKI).

User authentication is critical to ensure proper authorization and access to systems and services, especially since data theft and information security threats are becoming more advanced. Although authentication cannot completely stop information and identity theft, we can make sure that our resources are protected throughout several authentication methods.

There are three factors of authentication to consider: something you know, such as a user ID and password; something you have, such as a smart card; and something you are, which refers to a physical characteristic, like a fingerprint that is verified using biometric technology. These factors can be used alone, or they can be combined to build a stronger authentication strategy in what is known as two-factor or multifactor authentication. This guide reviews the methods associated with all three authentication factors.


  Introduction: What is authentication?
  ID and password authentication
  Biometric authentication devices, systems and implementation
  Enterprise single sign-on: Easing the authentication process
  PKI and digital certificate authentication and implementation
  Security token and smart card authentication

This was first published in November 2008

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: