What’s Strong Authentication?


Strong authentication involves verifying a person’s identity through at least two of three factors: something they know, something they have, and something physically unique to them. Multiple challenges to the same factor do not improve verification. The reliability of an authentication system is a trade-off between security, ease of use, and cost constraints.

Strong authentication is generally considered a multi-factor method of confirming the identity of a person trying to access information or enter a restricted area. The factors in verifying an individual’s identity are something the person knows, something the person has, and something physically particular to that person. A system that requires two of the three factors is a two-factor authentication system. This is the minimum level of verification needed to be considered strong authentication.

The first of these identifying factors, something the person knows, is presumably secret information. This could be a password or a personal identification number (PIN). The second factor, something the person has, is a unique item such as an identity document (ID), passport, or hardware token. The third factor is a physical identifying feature such as a fingerprint or retina scan. A common implementation of strong authentication that uses two of these factors is a PIN combined with a bank card.

Multiple challenges to the same factor do not improve verification and are not considered strong authentication. Requiring the entry of a username, password, and any number of other pieces of information that an individual might know is a challenge for only one factor. The same would be true for evaluating multiple biometric identifiers for an individual. A system only becomes more difficult to compromise when it challenges two or all three types of identity verification factors.

Controlling access to your computer often involves the use of strong authentication methods. Authenticating the identity of the user requesting access and then granting the privileges previously assigned to that user is the common procedure. Access to corporate or even personal computers could involve an assigned password coupled with a smart card or the use of a biometric device. After your identity has been satisfactorily verified, you may still be subject to restrictions put in place by your system administrator. Authentication does not necessarily imply authorization.
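The two rules above (challenges count only once per factor, and authentication is separate from authorization) can be expressed as a small access check. This is an added example, not code from the original article; the challenge names, the `GRANTS` table and the function names are assumptions made for illustration.

```python
from enum import Enum

class Factor(Enum):
    KNOWLEDGE = "something the person knows"
    POSSESSION = "something the person has"
    BIOMETRIC = "something physically particular to the person"

# Challenge names are assumptions for this example; the factor each maps to
# follows the article's three categories.
CHALLENGE_FACTOR = {
    "password": Factor.KNOWLEDGE, "pin": Factor.KNOWLEDGE,
    "security_question": Factor.KNOWLEDGE,
    "bank_card": Factor.POSSESSION, "smart_card": Factor.POSSESSION,
    "hardware_token": Factor.POSSESSION,
    "fingerprint": Factor.BIOMETRIC, "retina_scan": Factor.BIOMETRIC,
}

def verified_factors(results):
    """Distinct factors covered by passed challenges.

    results maps challenge name -> True/False (passed or failed).
    """
    factors = set()
    for challenge, passed in results.items():
        if challenge not in CHALLENGE_FACTOR:
            # Fail closed: an unclassified challenge must not count as a factor.
            raise ValueError(f"unclassified challenge: {challenge}")
        if passed is True:
            factors.add(CHALLENGE_FACTOR[challenge])
    return factors

def is_strong(results):
    """Two-factor minimum: at least two different factors, not two challenges."""
    return len(verified_factors(results)) >= 2

def access_decision(user, results, resource, grants):
    """Authenticate first, then check the privileges assigned to that user."""
    if not is_strong(results):
        return "deny: not strongly authenticated"
    if resource not in grants.get(user, set()):
        return "deny: authenticated, not authorized"
    return "allow"

# Constructed sample data: privileges previously assigned by an administrator.
GRANTS = {"alice": {"payroll"}, "bob": {"wiki"}}
```

Three knowledge challenges still yield a single factor, so `is_strong` rejects them, while a PIN plus a bank card passes; a strongly authenticated user is still denied a resource that was never granted to them.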

It is generally considered impossible to verify a user’s identity with absolute certainty. The reliability of an authentication system is often a trade-off between security and ease of use or cost constraints. Effective use of strong authentication is directly tied to the trustworthiness of the identifying factors involved. Organizations with lax password management risk compromising one part of the authentication process. The same goes for an individual who uses the same password in all interactions.



