Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
What are the types of Two-Factor Authentication in Information Security?
There are various types of Two-factor Authentication which are as follows −
Hardware tokens − This type of 2FA needed users to possess a type of physical token, including a USB token, that they should add in their device before logging on. Some hardware tokens display a digital program that users should enter.
SMS and voice 2FA − SMS-based 2FA communicate directly with a user’s phone. After taking a username and password, the site sends the user a unique one-time passcode (OTP) through text message.
Like the hardware token procedure, a user should then enter the OTP back into the software before getting access. Likewise, voice-based 2FA automatically dials a user and verbally pass the 2FA code. While not ordinary, it can be used in countries where smartphones are high-priced, or where cell service is poor.
Software tokens for 2FA − The famous form of two-factor authentication need a software-generated time-based, one-time passcode. It is also known as TOTP, or “soft-token.
First, a user should download and set-up a free 2FA application on their smartphone or desktop. They can then help the app with any site that provide this kind of authentication.
At sign-in, the user first enters a username and password, and then, when endorsed, they enter the code display on the app.
Like hardware tokens, the soft-token is generally true for less than a minute and because the code is created and shown on the similar device, soft-tokens eliminate the chance of hacker interception. That is a major concern with SMS or voice delivery techniques.
Push notifications for 2FA − It can download a push notification app to the phone. When it can enter the login credentials to access a website, a push notification is sent to the smartphone. A message will then occur on the phone requesting that it can approve the log-in attempt with a tap.
By having a direct and secure connection among the retailer, the 2FA service, and the device, push notification remove some opportunity for phishing, man-in-the-middle attacks, or unauthorized access.
But it can only works with an internet-connected device, one that should be able to install apps. SMS-based 2FA can be a preferred fall-back. But where it is an option, push notifications support a more customer-friendly, more protected form of security.
Biometrics − Biometric 2FA, authentication that delight the user as the token, is only around the corner. Current innovations contains checking a person’s identity through fingerprints, retina patterns, and facial identification.
Ambient noise, pulse, typing patterns, and verbal prints are also being analysed. It is only a substance of time earlier one of these 2FA technique takes off and for biometric hackers to figure out how to achieve them.
Location − If the account was generated and registered in one state, and suddenly a log-in is attempted in a multiple location, and it can trigger a location element. These element will alert us when a log-in is attempted on a new device and send us a code to enter to test the identity.
392 Views
