The Top 6 Authentication Mechanisms
Multi-factor authentication (MFA) requires users to provide multiple proofs of their claimed identity before being granted access to some set of resources. The premise of MFA is that, if one mechanism is compromised, others are unlikely to be, so there's still some level of confidence in the user's authentication.
Historically, MFA has demanded a choice of authentication mechanisms from at least two of the following categories:
This taxonomy is becoming less useful as more overt login mechanisms are supplemented or replaced by passive contextual models, which we'll discuss here.
Once collected and aggregated, the authentication server can analyze these signals to look for anomalous patterns that might indicate an attack or fraudulent behavior. This analysis can be:
The days of one-step authentication with a username and password are gone. The digital enterprise requires you to know where they are, what network they're coming from and what application they're accessing. MFA provides enhanced security and control, and moves organizations away from a high-risk password-based security model.
Stay tuned for next week as we discuss choosing the right step-up MFA mechanism for your environment. If you're ready for more now, check out our latest white paper, Best Practices for Step-up Multi-factor Authentication or listen to our latest webinar for a deep-dive into MFA and best practices.