
Words to Go: Multifactor authentication

Contributor(s): Ivy Wigmore

Information security threats are getting more sophisticated all the time, and technologies designed to foil them must follow suit. Multifactor authentication is one approach to ensuring that only authorized users have access to resources. Our Words-To-Go glossary provides brief explanations of the essential MFA terminology, with links to our full definitions for more in-depth information. Want to test your grasp of the concepts? Try our Multifactor authentication quiz.

authentication -- the process of determining whether someone or something is, in fact, who or what it is declared to be, as a means of securing access to a given resource.

authentication factor -- a category of credential used to verify identity. The three main categories are knowledge factors (things the user knows), possession factors (things the user has) and inherence factors (things the user inherently is).

biometric authentication -- a type of security system that uses the unique biological characteristics of individuals to verify identity for secure logins into electronic systems.

claims-based identity -- a means of authenticating an end user, application or device to another system in a way that abstracts the entity’s specific information while providing data that authorizes them for appropriate and relevant interactions.

Duo Security -- a vendor of cloud-based two-factor authentication services for integration with websites, VPNs and cloud services. 

FIDO (Fast ID Online) -- an open standard for a secure and easy-to-use universal authentication interface created to address the lack of interoperability among strong authentication devices. 

four-factor authentication (4FA) -- the use of four types of identity-confirming credentials, typically the three common knowledge, possession and inherence factors plus location, although time is sometimes considered the fourth factor.

Google Authenticator -- a mobile security application based on two-factor authentication, which helps to verify user identities before granting access to websites and services. 

knowledge factor -- a category of authentication credentials consisting of information that the user possesses, such as a personal identification number (PIN), a user name, a password or the answer to a secret question.

machine authentication -- the authorization of an automated human-to-machine or machine-to-machine (M2M) communication through verification of a digital certificate or digital credentials.

mobile authentication -- the verification of a user’s identity through the use of a mobile device and one or more authentication methods for secure access. Mobile authentication may be used to authorize the device itself or as a part of a multifactor authentication scheme for logging into secure locations and resources.

multifactor authentication (MFA) -- the use of two or more independent authentication factors to increase the security of transactions.

multifactor token -- a security token that uses more than one category of credential to confirm user authentication. A common example is the use of a smartphone software token app that enables the phone to serve as the hardware token; this example yields a two-factor token.

one-time password (OTP) -- an automatically generated numeric or alphanumeric string of characters that will authenticate the user for a single transaction or session.

OTP token -- a security device or software program that produces new single-use passwords or passcodes at preset time intervals. 

out-of-band authentication -- a type of two-factor authentication that requires a secondary verification method through a separate communication channel along with the typical ID and password.

security token (sometimes called an authentication token) -- a small hardware device that the owner carries to authorize access to a network service.

shared secret -- data known to only the two entities involved in a communication so that either party's possession of that data can be provided as proof of identity for authentication.

single-factor authentication (SFA) -- an authentication method that involves only one category of credential. The familiar user name / password login is the most common form of SFA, but some strong authentication methods are also used independently.

soft token -- a software-based security token that generates a single-use login PIN. Software tokens are often components of apps used to secure mobile authentication.

three-factor authentication (3FA) -- the use of identity-confirming credentials from three separate categories of authentication factors, typically the knowledge, possession and inherence categories.

two-factor authentication (2FA) -- a process in which the user provides two means of identification from separate authentication factors. Often one credential is a physical token, such as a card, and the other is something memorized, such as a security code.

two-step verification -- a process that involves two authentication methods, not necessarily from separate authentication factors, performed one after the other to verify that someone or something requesting access is who or what they are declared to be. 

unique identifier (UID) -- a numeric or alphanumeric string that is associated with a single entity within a given system. 

universal authentication -- a network identity-verification method that allows users to move from site to site securely without having to enter identifying information multiple times.

user authentication -- the verification of an active human-to-machine transfer of credentials required for confirmation of a user’s authenticity; the term contrasts with machine authentication, which involves automated processes that do not require user input.

 

This was last updated in February 2015
