Two-factor authentication: Difference between revisions
From ACT Wiki
Jump to navigationJump to search
imported>Doug Williamson (Link with 3D Secure page.) |
(Expand definition.) |
||
(One intermediate revision by one other user not shown) | |||
Line 4: | Line 4: | ||
Two-factor authentication is a principle of security systems requiring additional features on top of standard usernames and passwords. | Two-factor authentication is a principle of security systems requiring additional features on top of standard usernames and passwords. | ||
The additional features may be something you: | The additional features may be something you: | ||
*Know: for example, a personal identification number (PIN), an additional password, answers to “secret questions” or specific keystroke patterns | *Know: for example, a personal identification number (PIN), an additional password, answers to “secret questions” or specific keystroke patterns. Sometimes known as a knowledge factor. | ||
*Have: for example a credit or debit card, a smartphone, or a small hardware token | *Have: for example a credit or debit card, a smartphone, or a small hardware token. Sometimes known as a possession factor. | ||
*Are: for example, a fingerprint, iris scan, or voice print | *Are: for example, a fingerprint, iris scan, or voice print. Sometimes known as a biometric factor. | ||
Line 21: | Line 22: | ||
* [[Behavioural analytics]] | * [[Behavioural analytics]] | ||
* [[Biometric recognition]] | * [[Biometric recognition]] | ||
* [[Multi-factor authentication]] (MFA) | |||
* [[Strong Customer Authentication]] | * [[Strong Customer Authentication]] | ||
* [[Token]] | |||
[[Category: | [[Category:Accounting,_tax_and_regulation]] | ||
[[Category:Risk_frameworks]] |
Latest revision as of 11:51, 18 January 2024
Security systems.
(2FA).
Two-factor authentication is a principle of security systems requiring additional features on top of standard usernames and passwords.
The additional features may be something you:
- Know: for example, a personal identification number (PIN), an additional password, answers to “secret questions” or specific keystroke patterns. Sometimes known as a knowledge factor.
- Have: for example a credit or debit card, a smartphone, or a small hardware token. Sometimes known as a possession factor.
- Are: for example, a fingerprint, iris scan, or voice print. Sometimes known as a biometric factor.
- Keep control
- "... the importance of not relinquishing your own control requirements, as a number of companies that turned off two-factor authentication when they went live with a cloud solution were subsequently breached."
- Ludwig Keyser, Director of Joint Operations Centre, Barclays - EACT Conference Tackling cyber risks in treasury, January 2019.