Difference between revisions of "Authentication Factor"
From MgmtWiki
(→Something you Have) |
(→Something you Have) |
||
| Line 22: | Line 22: | ||
==Something you Have== | ==Something you Have== | ||
| − | Note that this case includes something called cross-device authentication which is logically indistinguishable | + | Note that this case includes something called cross-device authentication which is logically indistinguishable from this case. |
* Usually a digital artifact that is able to create a one-time access code (aka a one-tine password) | * Usually a digital artifact that is able to create a one-time access code (aka a one-tine password) | ||
===Attacks=== | ===Attacks=== | ||
Revision as of 11:02, 20 March 2022
Contents
Authentication Factors
Attributes or Credential that are used in support of Authentication of a user's Identifier.
Context
Taxonomy
Applicable only in this wiki page:
- Authentication = the establishment of a link between some real-world entity (person or machine) and a digital identity.
- Machine = any device that can attach to an Internet address.
- Digital Identity = a User Object or a list of attribute attributed to you in an on-line database.
- Digital Identifier = a collection of symbols that is used to find your digital identify in a data base
- Passwordless = any online identification that does not include something you know.
Problems
- Authenticating yourself to a device in hand
- Authenticating yourself to a web site over the internet
- Authentication yourself to a physical access device
Something you Know
- This is the oldest factor for creating a digital Identity.
Something you Have
Note that this case includes something called cross-device authentication which is logically indistinguishable from this case.
- Usually a digital artifact that is able to create a one-time access code (aka a one-tine password)
Attacks
- Attacker takes the device away from you
- Attacker has a device that can spoof a Relying Party into thinking it iw working on your behalf.
