Generally there are three types of "factors" to consider: Something you HAVE, something you KNOW, and something you ARE (unique personal characteristics). It is possible to buy a safe in which you need to HAVE a key, and you need to KNOW the sequence of numbers to enter using a keypad. Today two factor authentication using computers is generally KNOWing a password and HAVing a mobile phone. The third (something you ARE) is biometrics - fingerprint, iris scan, facial scan, genome, etc. Anyone know what might be considered a fourth factor? For a fuller description and several examples, see my text book, Database Management, McGraw-Hill, 1986, section 14.4 (pages 515-529). As a mini-test (my being a teacher) how would you classify each of the following: handwriting, hand geometry, voice, key (on a key ring), ID card, personal history, combination lock, password, fingerprint. (LinkedIn Data Modeling 2020 April)
Jan Berdnik comments:
Better: ONLY you know and ONLY you have. As with any genuine authorising.
Everest responds:
Better maybe, but can't be guaranteed. That is precisely why multifactor authentication is so much better -- it can be orders of magnitude more secure, than trying so hard to come up with passwords difficult to guess or remember. Some organizations are going too far with the rules for constructing passwords making it a real burden for users.
No comments:
Post a Comment
Comments to any post are always welcome. I thrive on challenges and it will be more interesting for you.