Authentication (information security): Difference between revisions

From Citizendium
imported>Tom Morris
No edit summary
mNo edit summary
 
(One intermediate revision by one other user not shown)
Line 3: Line 3:


One of the basic ways to think about authentication is that it confirms your purported identity with:
One of the basic ways to think about authentication is that it confirms your purported identity with:
*Something you '''know''' (e.g., a [[password]])
*Something you '''know''' (e.g., a [[password]] or PIN)
*Something you '''have''' (e.g., a [[key (lock)]] or [[security token]])
*Something you '''have''' (e.g., a [[key (lock)]], [[security token]] or credit card)
*Something you '''are''' (e.g., a [[biometrics|biometric attribute]], or perhaps a confirmed location
*Something you '''are''' (e.g., a [[biometrics|biometric attribute]], or perhaps a confirmed location)
These are all '''factors''' in authentication, along with your claimed identity. '''[[Two-factor authentication]]''', at its most basic, is the combination of user ID and password.
These are all '''factors''' in authentication, along with your claimed identity. '''[[Two-factor authentication]]''', at its most basic, is the combination of user ID and password.
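Review bot: the examples added in the "know" and "have" bullets ("PIN", "credit card") are plain text, while every neighbouring example in the same list is wiki-linked ([[password]], [[key (lock)]], [[security token]]). Link the new terms the same way, or leave a note on why they are unlinked. The revision header also shows "No edit summary"; a one-line summary such as "add PIN and credit card examples, close parenthesis" would document the change.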


Line 14: Line 14:
A security token is a hardware and software device that generates a changing authenticator to be sent in response to a challenge after the user ID is entered. There are two basic types, both usually of credit card size. One displays a changing number, generated by a cryptographic hash of a unique number in the physical authenticator, and a time code synchronized between the token and an authentication server.
A security token is a hardware and software device that generates a changing authenticator to be sent in response to a challenge after the user ID is entered. There are two basic types, both usually of credit card size. One displays a changing number, generated by a cryptographic hash of a unique number in the physical authenticator, and a time code synchronized between the token and an authentication server.


The other, somewhat complex, has a keypad on which a challenge number sent by the authentication server is manually entered. It also may be necessary to enable the security token by entering a personal identifier.  These factors, as well as a time code and token identifier, form the hash to be sent back.
The other, somewhat complex, has a keypad on which a challenge number sent by the authentication server is manually entered. It also may be necessary to enable the security token by entering a personal identifier.  These factors, as well as a time code and token identifier, form the hash to be sent back.[[Category:Suggestion Bot Tag]]
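Review bot: the only change in this hunk appends [[Category:Suggestion Bot Tag]] directly to the end of the last sentence ("...form the hash to be sent back.[[Category:Suggestion Bot Tag]]") with no line break. Put the category tag on its own line at the end of the page so it stays separate from the paragraph text and is easy to find and remove later. The awkward "somewhat complex" in the same line is left as it was and could be tidied in the same edit.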

Latest revision as of 16:01, 14 July 2024

This article is developing and not approved.
This editable Main Article is under development and subject to a disclaimer.

In information security, the processes of identification, authentication and credentialing are closely linked, authentication being the technologies and procedures used to confirm one's identification to a secure information system. You can think of it as a safeguard against identity theft.

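One of the basic ways to think about authentication is that it confirms your purported identity with:

* Something you know (e.g., a password or PIN)
* Something you have (e.g., a key (lock), security token or credit card)
* Something you are (e.g., a biometric attribute, or perhaps a confirmed location)
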
These are all factors in authentication, along with your claimed identity. Two-factor authentication, at its most basic, is the combination of user ID and password.

Since passwords, as well as user IDs, can be stolen, more secure alternatives are desired for two-factor identification. Some of the oldest techniques include one-time passwords and the use of security tokens.

Security token

Figure: A security token used by the game World of Warcraft. (Image: Blizzard Entertainment)

A security token is a hardware and software device that generates a changing authenticator to be sent in response to a challenge after the user ID is entered. There are two basic types, both usually of credit card size. One displays a changing number, generated by a cryptographic hash of a unique number in the physical authenticator, and a time code synchronized between the token and an authentication server.

The other, somewhat more complex, has a keypad on which a challenge number sent by the authentication server is manually entered. It may also be necessary to enable the security token by entering a personal identifier. These factors, as well as a time code and token identifier, are combined to form the hash that is sent back.
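The two token types described above, sketched as an added example that is not part of the original article and not any vendor's algorithm. It assumes HMAC-SHA256 as the "cryptographic hash", a 60-second time code and an 8-digit display; the secret, token identifier, PIN and clock reading are constructed sample values.

```python
import hashlib
import hmac
import secrets
import struct

STEP = 60  # seconds per time code (assumed value)
SECRET = bytes.fromhex("7f3a91c2d4e5b60718293a4b5c6d7e8f")  # constructed per-token secret
TOKEN_ID = b"TKN-0001"                                      # constructed token identifier

def _code(secret: bytes, *fields: bytes) -> str:
    """Keyed hash over length-prefixed fields, shown as 8 decimal digits."""
    msg = b"".join(struct.pack(">H", len(f)) + f for f in fields)
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 10**8:08d}"

def time_code(now: float) -> bytes:
    """Time code shared by token and server: the number of whole STEPs elapsed."""
    return struct.pack(">Q", int(now) // STEP)

def display_token(secret: bytes, token_id: bytes, now: float) -> str:
    """First type: changing number from the token's unique secret and the time code."""
    return _code(secret, token_id, time_code(now))

def new_challenge() -> str:
    """Server side: fresh, unpredictable 6-digit challenge for each login attempt."""
    return f"{secrets.randbelow(10**6):06d}"

def keypad_token(secret, token_id, pin: str, challenge: str, now: float) -> str:
    """Second type: PIN, challenge, time code and token identifier all enter the hash."""
    return _code(secret, token_id, pin.encode(), challenge.encode(), time_code(now))

def server_verify(expected_at, submitted: str, now: float, drift: int = 1) -> bool:
    """Recompute the code for the current step and `drift` steps either side
    (clock skew), comparing in constant time. `expected_at(t)` is the server's
    own computation of the code at time t."""
    ok = False
    for d in range(-drift, drift + 1):
        ok |= hmac.compare_digest(expected_at(now + d * STEP), submitted)
    return ok

if __name__ == "__main__":
    t = 1_000_000.0  # constructed clock reading
    ch = new_challenge()
    resp = keypad_token(SECRET, TOKEN_ID, "4821", ch, t)
    print(server_verify(lambda x: keypad_token(SECRET, TOKEN_ID, "4821", ch, x), resp, t + 45))
```

Because the challenge is fresh for every attempt and the time code moves on, a captured response cannot be replayed against a later challenge or after the drift window has passed.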