Site Security :: The Benefits of Multi-Factor Authentication

Authors: Maximum article exposure. Publishers: Reprintable article content.

BROWSE ARTICLES

	ArticleBiz.com Home
	Featured Articles
	Recently Added Articles
	Most Viewed Articles
	Article Comments
	Advanced Article Search

AUTHORS

	Submit Article
	Check Article Status
	Author TOS

PUBLISHERS

	RSS Article Feeds
	Terms of Service

The Benefits of Multi-Factor Authentication

Home :: Computers & Technology :: Site Security
By: Aaron Guhl	Email Article
Word Count: 511	Digg it \| Del.icio.us it \| Google it \| StumbleUpon it

Multi-factor authentication has been around for a while now, but has been gaining in popularity dramatically in recent years. Multi-factor authentication is the act of utilizing multiple methods of authentication to access specific data on a network or website.

With so many ways to capture a user’s password, multi-factor authentication is a way to secure data with more than just a single username and password. If that username and password is compromised, then the attacker will still need additional information to access the confidential data or website. Multi-factor authentication doesn’t necessarily mean just adding on another username and password prompt. It can be a security question or code request as well. For example, once a user logs in with their username and password, the website also asks them for their mother’s maiden name that they entered when originally setting up their account. This additional prompt can hinder an attackers attempt at accessing their account. Should they already know the username and password, they will also need to know the user’s mother’s maiden name as well.

To add further security to multi-factor authentication, one-time passwords may be added to the mix. A one-time password policy is the technique of using a token or other method that will generate a new password every minute or so and only the server knows what the password is at the minute. The user then uses the password shown on the token as a second authentication method. After the user uses that password, the password is reset again and that password is never used again. This is a very secure method that prevents many types of intrusion. If an attacker was able to capture the hash from the authentication transaction, by the time they get done decrypting it, the password will have changed to a different one.

Another technique to multi-factor authentication is the use of biometrics. Biometrics is the use of some type of scan mechanic on the user’s body such as a finger print or eye retina. Adding multi-factor authentication where the second factor of authentication is something specific to that user adds a much deeper level of authentication that is much more secure. Adding a layer of security that is something of "what the user knows", "who the user is", or "what the user has" makes it hard for someone other than that user to access the data.

Multi-factor authentication is being used by more companies every day. It is especially popular online with websites. Compliance acts are also another reason for its growing usage. Compliances acts such as Sarbanes-Oxley require financial institutions to utilize some sort of multi-factor authentication when offering online account access to their customers.

Expect multi-factor authentication to become the standard method of authentication in the future. Whether it is just an additional strong password policy, the use of a security question, or biometrics, additional security is a must when securing data that is confidential.

Aaron Guhl is an IT professional that specializes in security. He frequently writes on his blog regarding security issues to help IT professionals get a better understanding of security in their networks. Visit his website: Multi-factor Authentication

Article Source: http://www.ArticleBiz.com