Authentication
- Tags
- security
Verifying the validity of something (usually the id claimed by a system entity).
Widely used [see page 17, mechanisms] for authentication are:
| Mechanism | Example | Vulnerabilities |
|---|---|---|
| Something you [see page 18, know] | Password, PIN | Short length can be guessed, phishing, and users can forget passwords |
| Something you [see page 20, have] | Smart-card, 1-time-password-generator | If you lose the hardware you lose the ability to authenticate yourself |
| Something you [see page 21, are] | Biometrics | Biometrics can change overtime (eg. scarring), be tricked and stolen |
| Your location | Current building, proximity to an object |
Note: One time password generators are slowly being replaced with soft tokens.