Authentication Models in Information Security
Single-Factor Authentication (SFA)
Description: Involves only one type of authentication factor, typically something the user knows, such as a password or PIN.
Example: Logging into an account with just a username and password.
Two-Factor Authentication (2FA)
Description: Requires two different types of authentication factors from the following categories:
- Something you know: Password, PIN.
- Something you have: Security token, smartphone, smart card.
- Something you are: Biometric data like fingerprints, facial recognition.
Example: Entering a password and then a code sent to your smartphone.
Multi-Factor Authentication (MFA)
Description: Extends beyond two factors, involving multiple forms of verification from the above categories to increase security.
Example: Using a password, a fingerprint scan, and a one-time passcode from an authentication app.
Biometric Authentication
Description: Uses unique biological characteristics for identification.
Example: Fingerprint scanning, facial recognition, iris scanning, voice recognition.
Token-Based Authentication
Description: Relies on tokens (physical or digital) as a form of credential.
Example: Smart cards, USB tokens, software tokens generated by authentication apps.
Certificate-Based Authentication
Description: Uses digital certificates issued by a trusted Certificate Authority (CA) to authenticate users or devices.
Example: SSL/TLS certificates for secure web communications, client certificates for secure access to network resources.
Passwordless Authentication
Description: Eliminates passwords, using alternative methods such as biometrics or hardware