Did you know Cybrary's video training is FREE? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
Authentication Factors For this lesson we now look at 5 Authentication Factors, define how they are deployed as a security strategy, and discuss the pros and cons of each. For examples, You'll learn why using "Something You Know" concept may be good for users when assigning and remembering their own PIN codes and Passwords, but why it's also an obvious key to a hacker for breaking into your computer or accessing a secure document, account, or other resources. You'll learn the benefits of signature authorization for tracking and accessing individuals by location and how what insights that can provide when monitoring for example, authorized and unauthorized entry events. [toggle_content title="Transcript"] We'll now be looking at authentication factors, factors that facilitate authentication we have something you know, something you have, something you are, somewhere you are, and something you do. Something you know something; some could you know could be a pin, a pass word or a pass gate, a pin personal identification number or a password or a pass phrase When you're trying to log on to a system you're required to provide a pin or a password or a pass phrase that is a something you know only you should know that. Something you have this refers to tokens we have different types of tokens sometime tokens you press it generate a code you key the code into the system then you are granted access if there a perfect match. So it must be a device in your passing it could be a token, it could be a U.S.B, It could be a key something you have. And some think you are we say this is bio-metrics with something you're we're doing bio-metrics and that involves using the physical attributes of a person to uniquely identify that individual. So you're using the physical attributes of human beings to uniquely identify the individuals. This could be a fingerprint, hand geometry, the pupil pattern, retina pattern at the back of the eye those are just some examples of bio metrics. Some where you are, where are you log in from it could be you're working from home, you are at the office, your office is on the third floor and you're trying to log on maybe at management floor in the fifth floor you might not have access. Somewhere you're dictates what systems are you login from? You could have the access to log on from your desk but not at the front desk. Somewhere you are where are you in the facility? Where are you authorized to log on from? Something you do has to do with signature dynamics or keyboard dynamics. With the signature the system will capture how you provide your signature. So every time you provide your signature we use a special pressure sensitive plate to capture your signature. Yes, somebody else could try faking your signature but they couldn't exert the same pressure as you did. For keyboards dynamics we have something called the flight time and the dwell time. So we use specialized keyboards to capture from your credentials. So when you type your credentials in enrollment several times over the keyboard will capture your flight time, that's how long it takes to travel between the keys and your dwell time How long you actually spend on the keys should somebody else happen to know your passwords they couldn't perfect a match between your flight time and your dwell time, so these are the different authentication factors. We also has what we call the one factor authentication, two factor authentication or multi factor authentication. So if you're log on to any system or at the facility and you're using any one of these authentication factors it's one factor authentication. So you're log in to your email you provide only your password that is single factor authentication. If you're log in on and you have to provide any two that is, two factor authentications it's also multi factor authentication. If you have to use modern two's that is you're using three or more multi factor authentication please be careful. If you're two from the same line say two from there or two from there it's not two factor authentications. It is got to be one from there and one from there or one from there and one from there or one from here and one from there to make it two factor authentication. The two factors cannot be in the same line for two factor authentication. They would try that on the exact watch out for that. So we have something you know, something you have, something you are these are the basic authentication factors. Next we have the somewhere you are and something you do and that is it for the authentication factors. [/toggle_content]
CISSP CISM CISA CHFI CSXF CEH, Cyber Security Specialist & Trainer
Subscribe to become an Insider Pro and get access to premium content such as: