Browse Definitions :
Definition

strong authentication

Contributor(s): Matthew Haughn

Strong authentication is  any method of verifying the identity of a user or device that is intrinsically stringent enough to ensure the security of the system it protects by withstanding any attacks it is likely to encounter.  

Strong authentication is a commonly-used term that is largely without a standardized definition. According to the European Central Bank (and the many organizations that follow its guidelines), strong authentication combines at least two mutually-independent factors so that the compromise of one method should not lead to the compromise of the second. Additionally, the authentication method must include one non-reusable element, which cannot easily be reproduced or stolen from the Internet.

The term strong authentication is often used synonymously with two-factor authentication (2FA) or multifactor authentication (MFA).  However, that usage is misleading because some types of very secure authentication rely on a single authentication factor.

In some cases, for example, systems using multiple challenge / response answers are considered strong authentication. However, such systems are based on multiple instances of the knowledge factor, rather than multiple independent factors and as such are single-factor authentication (SFA). Similarly, some types of biometric authentication are reliable enough when used alone that they are considered strong authentication.

This was last updated in February 2015

Next Steps

Expert David Strom reviews the benefits and features of Dell Defender multifactor authentication software.

Continue Reading About strong authentication

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • smart contract

    A smart contract, also known as a cryptocontract, is a computer program that directly controls the transfer of digital currencies...

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A...

  • internal audit (IA)

    An internal audit (IA) is an organizational initiative to monitor and analyze its own business operations in order to determine ...

SearchSecurity

SearchHealthIT

  • Health IT (health information technology)

    Health IT (health information technology) is the area of IT involving the design, development, creation, use and maintenance of ...

  • fee-for-service (FFS)

    Fee-for-service (FFS) is a payment model in which doctors, hospitals, and medical practices charge separately for each service ...

  • biomedical informatics

    Biomedical informatics is the branch of health informatics that uses data to help clinicians, researchers and scientists improve ...

SearchDisasterRecovery

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a data center.

  • ransomware recovery

    Ransomware recovery is the process of resuming options following a cyberattack that demands payment in exchange for unlocking ...

  • natural disaster recovery

    Natural disaster recovery is the process of recovering data and resuming business operations following a natural disaster.

SearchStorage

  • RAID 5

    RAID 5 is a redundant array of independent disks configuration that uses disk striping with parity.

  • non-volatile storage (NVS)

    Non-volatile storage (NVS) is a broad collection of technologies and devices that do not require a continuous power supply to ...

  • petabyte

    A petabyte is a measure of memory or data storage capacity that is equal to 2 to the 50th power of bytes.

Close