2016 witnessed huge data breach incidents that caused leakage of over 2.2 billion records. Here using a password-based authentication along with a good hashing algorithm used to ensure security but can you guarantee that your users are not using easy-to-guess passwords? Well, the statistics imply something else. This gave a whole many reasons for businesses all over the globe to introduce multi-factor authentication. The article here will highlight five most common types of multi-factor authentication solution that you would like to use this year.
1. HOTP/OTP based MFA:
After SMS based, this one is another most common type of multi-factor authentication These one-time password techniques generate a secret code for the user that he needs to enter in order to get access. This secret code comes with an expiry duration. This code is generated by an authenticator app the user needs to install on its mobile device. One such authenticator app is Google Authenticator.
2. Magic Link Authentication:
In this authentication process, the user needs to provide his/her email id instead of submitting password. When the user provides email id, a direct login link also known as magic link, is sent to the provided email id. To gain access, the user needs to sign in to its email id and click on the received magic link.
3. Yubikey:
Specially helpful in downgrading and Man In The Middle Attack, Yubikey is a small devices that is enabled with a small USB and NFC. This device supports multiple login and cryptography protocols. To opt this strategy, any user can program it on their own while enterprises can also do it in bulk for its employees The technology can be easily used with internet services, password managers, etc.
4. Access Tokens:
Another efficient way of using multi-factor authentication is by using access tokens. The process holds special importance in restricting access to critical data in case of high-security risk environments. The process provides access only when the environment is casual. In this approach the user needs to request access to any resource from a control center and this request can either come on physical level or via a web portal. If the request comes from known environment, access token is provided using which user can get in.
5. Biometric authentication:
The concept of biometric authentication is here since a long time. But now, the concept has reached to masses as consumers are using devices that are equipped with retina sensors, fingerprint sensors, etc. While Windows 10 comes with Windows Hello (Face recognition feature), Apple comes with fingerprint authentication feature in the form of TouchID.
Well, multi-factor authentication is not an optional line of defense. Today, if you want to stay away from coming into headline for wrong reasons, you have to keep your employees and end-users safe.
0 comments:
Post a Comment