Content-type: text/html Downes.ca ~ Stephen's Web ~ How to Deploy Two-Factor Authentication

Stephen Downes

Knowledge, Learning, Community

We're reading more recently about something called 'two factor authentication'. Here's the concept: "This technique combines a password with something else the user has, such as a token, smart card or a biometric identifier." The 'gold standard' of two factor authentication is the token - a card, signet ring, or some other item that can't be easily duplicated. Google has been trying to use the mobile phone number to generate the second factor - but this depends on people having a mobile phone (and an account in good standing), and they have to not mind surrendering this form of identification to Google. I think we may be moving eventually to some sort of encrypted USB key, at least for online authentication, much like the client certificate created in your browser by StartSSL and similar companies. Unlike your mobile phone number, it won't be directly connected to the credit bureau or marketing department. But unlike passwords, it can't be cracked. In any event, we'll have to do something, as the best-before date for password technology has long since passed.

Today: 2 Total: 10 [Direct link] [Share]

Image from the website
View full size


Stephen Downes Stephen Downes, Casselman, Canada
stephen@downes.ca

Copyright 2024
Last Updated: Dec 22, 2024 7:17 p.m.

Canadian Flag Creative Commons License.

Force:yes