Scribd Logo
Upload

Welcome to Scribd!

  • 0-6411307991465111290

    Uploaded by

    Schon Mariatte Cabuenas
    0 views15 pages
    Use it as you please.

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Use it as you please.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    0 views15 pages

    0-6411307991465111290

    Uploaded by

    Schon Mariatte Cabuenas
    Use it as you please.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 15

    Two - Step

    Authentication or
    Multi-factor
    Authentication
    KEY TOPICS:

    What is Authentication?
    Authentication Factors
    Two-Factor Aunthentication (2FA)
    2FA authentication factor?
    How does two-factor authentication work?
    Why use two-factor authentication?
    Is SMS-based two-factor authentication secure and what are the
    drawbacks?
    Multi-factor Authentication
    MFA authentication factor
    How does MFA work?
    Why is MFA more secure than single-factor authentication?
    What is Authentication?
    Authentication is an important component of access
    control. It is the security practice of confirming that
    someone is who they claim to be. The number of factors
    required for users to prove their identities often
    depends on the sensitivity of the data and digital
    resources involved.
    AUTHENTICATION FACTORS
    AUTHENTICATION FACTORS ARE DIFFERENT CLASSES OF IDENTITY
    VERIFICATION METHODS.

    KNOWLEDGE FACTORS: POSSESSION FACTORS INHERENCE FACTORS:

    Things that you know. This Things that you have. It may Things that you are. This is
    typically includes passwords, include an authenticator app on a where "biometrics" come
    personal identification numbers mobile device, security keys, or a in. It may include a
    (PINs), and one-time passwords security token, which is a fingerprint scan, facial
    (OTPs). It may also include hardware device that plugs into recognition, retina scan, or
    asking the user to answer a your computer's USB port. A voice authentication.
    security question, such as the smartphone frequently provides
    name of the street you grew up the possession factor in
    on. conjunction with a one-time
    passcode (OTP) app.
    Two-Factor
    Authentication
    (2FA)
    Two-factor authentication or two-step verification, abbreviated
    as 2FA, is an authentication process that requires two different
    authentication factors to establish identity. In a nutshell, it
    means requiring a user to prove their identity in two different
    ways before granting them access. 2FA is one form of multi-
    factor authentication.

    The two pieces of verifiable information requested must be


    from different categories.
    2FA authentication factor?
    SOME COMMONLY USED AUTHENTICATION FACTORS FOR 2FA INCLUDE:

    1 2 3 4
    KNOWLEDGE POSSESION BIOMETRIC DATA LOCATION

    This is a piece of This factor relies in These are unique Location- based
    information that the user maintaining biological traits of the tools like GPS can
    only the user physical possession user that can be used be used to restrict
    should know, such of an object. For in authentication. authentication to
    example, a hardware
    as a password or Examples include users within a
    key that can
    the answer to a fingerprints, retinal specified
    generate passcodes,
    security question. scans, and face ID. geographic region.
    or a mobile device
    that can be sent
    codes.
    HOW DOES TWO-AUTHENTICATION WORK?

    Two-factor authentication can work in multiple ways. One of the most common examples of 2FA
    requires a username/password verification and an SMS text verification.

    WHY USE TWO-FACTOR AUTHENTICATION?

    Password-based security has become too easy to exploit by attackers. With the prevalence of
    phishing scams, on-path attacks, brute force attacks, and password re-use, it has become
    increasingly simple for attackers to collect stolen login credentials. These stolen credentials can be
    traded or sold for use in credential stuffing attacks. For this reason, 2FA is becoming more and more
    commonplace.

    IS SMS-BASED TWO-FACTOR AUTHENTICATION SECURE?

    SMS-based 2FA (text-message verification) is much more secure than single-factor authentication
    (password-only). That being said, SMS is among the least secure 2FA methods. The SMS protocol is
    not very secure and SMS messages can be intercepted by attackers.
    There is also an emerging 2FA technology called ‘Sound-
    Proof’, which uses ambient noise picked up by the microphones
    built into mobile devices and laptops. Sound-Proof works by
    comparing the samples of ambient noise to ensure that both
    devices are in the same room.
    MILTI-FACTOR
    AUTHENTICATION
    (MFA)
    With multi-factor authentication, users are required to
    provide more than one piece of verifiable information to
    authenticate. MFA was designed to add additional layers
    of security to sensitive information.

    As with 2FA, the pieces of verifiable information requested


    must be from different categories. Sign-on processes
    might require that users provide their usernames and
    passwords (something they know), but also require either
    something they have, such as a fob or smartphone, or
    something they are, such as a fingerprint or retina scan.
    MFA
    Before granting a user access to a software
    application or a network, identity verification

    authentication systems assess the user for characteristics that are


    specific to them in order to make sure they are who

    factors? they say they are. These characteristics are also


    known as "authentication factors."
    THE THREE MOST WIDELY USED AUTHENTICATION FACTORS ARE:

    Knowledge factors: Things that you know (something the user knows).

    Possession: Things that you have (something the user has).

    Inherence Factors: Things that you are (something the user is).

    MFA refers to any usage of two or more authentication factors. If only two authentication
    factors are used, MFA can also be referred to as two-factor authentication or two-step
    verification. Three-factor authentication is another form of MFA.
    HOW DOES MFA WORK?

    MFA works the same way as 2FA, but users are required to provide a minimum of two pieces of
    verifiable information to authenticate.

    WHY IS MFA MORE SECURE THAN SINGLE-FACTOR AUTHENTICATION?

    Single-factor authentication is the use of just one of the above factors to identify a person. Requiring
    a username and password combination is the most common example of single-factor authentication.
    The problem with single-factor authentication is that an attacker only needs to successfully attack the
    user in one way in order to impersonate them. If someone steals the user's password, the user's
    account is compromised. By contrast, if the user implements MFA, an attacker needs more than a
    password to gain access to the account — for example, they will likely need to steal a physical item
    from the user as well, which is much more difficult. It is important to keep in mind that it is the use of
    different factors that makes MFA secure, not multiple uses of the same factor.
    THANK YOU FOR
    LISTENING!!!

    You might also like