Two-factor authentication (T-FA) is an authentication protocol that requires two forms of authentication to access a system. This contrasts with traditional password authentication, which requires only that a user know a password to gain access to a system.
Using more than one factor of authentication can also be called strong authentication; using just one factor, for example just a password, is considered weak authentication.
The first factor in the authentication may be something the user knows, such as a password or PIN. The second factor may be something the user has or is, such as a card, token, electronic badge, fingerprint or retinal pattern (biometrics).
The first factor in the authentication is typically a physical token, such as a card, electronic badge, fingerprint or retinal pattern (biometrics). The other is typically something memorized, such as a security code or PIN. In this context, the two factors involved are sometimes spoken of as something you have and something you know.
A common example of T-FA is a bank card (credit card, debit card); the card itself is the physical item, and the personal identification number (PIN) is the data that goes with it.
According to proponents, T-FA could drastically reduce the incidence of online identity theft and other online fraud, because the victim's password would no longer be enough to give a thief access to their information. On the other hand, opponents argue that (among other things) should a thief have access to your computer, he can boot up in such a way as to bypass the physical authentication processes, scan your system for all passwords and enter the data manually, thus, at least in this situation, making T-FA no more secure than the use of a password alone.