| |
|
|
By Sam Brown [ 26/11/2008 ] Publishing Free Articles Zone articles is subject to our Publisher's Terms Of Service |
 Add to Favorites Email to a friend Publish this Article Print this article  Article direct link email Article Author Report this article
|
A couple of weeks I received a mysterious package in my mailbox consisting of a little device with numbers on it. The numbers change every minute or so and from the way my wife described it over the phone (yes, she was opening my mail), it looks like something that was ominously counting down to some fateful event. It turned out to be a One Time Password Token that my bank was using as part of its authentication mechanism to give me access to online banking.
Why go through all the hassle? I already had a username and password that I needed to access my account. Did I really need a token to supplement that?
Well, the bank was implementing a security technique called Two Factor Authentication. This is stronger than a simple username and password in that it requires an additional “key” that you need to prove you are who you say you are and open the door onto their services.
Let’s start at the beginning. How can you prove you are really you? Well, security systems traditionally used to work based on one of the three factors below:
• Something you know. For example: a secret passphrase could give you access to a special club room.
• Something you have. For example: a key could give you access to a locked drawer in your desk.
• Something you are. For example: a doorman, recognising your facial features, could give you access to your apartment. This class of security factors is sometimes referred to a “biometrics” as it can be based around measurements of what we look like and other physical attributes.
Each of these authentication mechanisms is distinct and relatively secure. However, when combined together, a technique called multi-factor authentication, they can provide a substantial obstacle for an intruder to access your secrets.
With respect to the One Time Password Token I received above, this was part of the bank’s mechanism to let me log into their Online Banking Service. It was to be used combined with my login name and password to form a Two Factor Authentication login process that ensured that my bank account details were secure. In order for someone to access my account, they would not only need to know my username and password, but would also need to be in possession of the Security Token I was given, without which they wouldn’t have been given access to my details.
About the author:
As an avid technology lover, K. Green follows tech movements within network security solutions, including two factor authentication, tokenless and strong SSL VPN authentication solutions.
Article Source: http://www.Free-Articles-Zone.com
מאמרים 
Free Articles
Two Factor Authentication Equals Two Factor Security