Two-factor authentication

From ACT Wiki
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Security systems.

(2FA).

Two-factor authentication is a principle of security systems requiring additional features on top of standard usernames and passwords.


The additional features may be something you:

  • Know: for example, a personal identification number (PIN), an additional password, answers to “secret questions” or specific keystroke patterns. Sometimes known as a knowledge factor.
  • Have: for example a credit or debit card, a smartphone, or a small hardware token. Sometimes known as a possession factor.
  • Are: for example, a fingerprint, iris scan, or voice print. Sometimes known as a biometric factor.


Keep control
"... the importance of not relinquishing your own control requirements, as a number of companies that turned off two-factor authentication when they went live with a cloud solution were subsequently breached."
Ludwig Keyser, Director of Joint Operations Centre, Barclays - EACT Conference Tackling cyber risks in treasury, January 2019.


See also