Multifactor Authentication Methods: Tokens, OTP and Biometrics

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hey there Cybrarians, and welcome back to the
00:00
>> Linux plus course here at Cybrary.
00:00
>> I'm your instructor, Rob Goelz.
00:00
In today's lesson, we're going to
00:00
be covering multifactor authentication.
00:00
Upon completion of today's lesson,
00:00
you are going to be able to explain the benefits of
00:00
multifactor authentication and then also
00:00
describe the different types
00:00
of multifactor authentication.
00:00
The traditional concept of
00:00
using a username and password for
00:00
authentication is no longer secure
00:00
enough for most of our purposes today.
00:00
This is really for a number of reasons.
00:00
A user can share their credentials
00:00
like a user's password could be compromised.
00:00
Having an additional method
00:00
for authentication is a really good idea.
00:00
This is where the concept of
00:00
multifactor authentication comes in.
00:00
Multifactor authentication, MFA,
00:00
or sometimes two-factor authentication,
00:00
abbreviated as 2FA,
00:00
>> provides an additional method of authentication.
00:00
>> When we're talking about MFA,
00:00
you must have at least two things.
00:00
They are something you know,
00:00
something you have or possess,
00:00
and then something you are.
00:00
We'll discuss this throughout this lesson.
00:00
First of all, let's talk about the concept of a OTP,
00:00
one-time password, one-time pad.
00:00
Generally, a username and
00:00
password represents something that you know.
00:00
In this concept,
00:00
a one-time password is something that you possess.
00:00
Now, an example of this is an RSA device.
00:00
It could be a physical OTP like the key fob that's in
00:00
the upper right-hand corner or it could be
00:00
a software OTP like a desktop or a mobile app.
00:00
But either way, these tokens generate a one-time pad,
00:00
which is a random number that's generated by the token.
00:00
Then you enter that number along
00:00
with the username and password to authenticate.
00:00
Again, your username and password, something you know,
00:00
and this one-time pad is something that you possess.
00:00
Another concept, another example of something that you
00:00
have are tokens or CAC/PIV cards.
00:00
Now, tokens are physical devices that
00:00
are used by commercial and private users.
00:00
An example of that is the YubiKey
00:00
that you see in the upper right.
00:00
The other example here is the CAC/PIV cards.
00:00
These are commonly used by
00:00
the US government and military,
00:00
and either way, either one of these objects contains
00:00
a digital ID or a number of digital certificates.
00:00
To authenticate, the user has to
00:00
plug in the card or token,
00:00
and then they have to enter a pin
00:00
>> for the card or token.
00:00
>> This provides something you have,
00:00
which is the card or token,
00:00
and something you know, which is the pin.
00:00
There you go, two-factor authentication.
00:00
Now, the last authentication factor
00:00
we'll talk about today is something you are
00:00
>> and something you are is
00:00
>> generally handled by biometrics.
00:00
It's something that you are, your fingerprint,
00:00
it could be your iris,
00:00
it could be a face scan.
00:00
Right now, the most common form of
00:00
biometrics is still a fingerprint reader.
00:00
You'll see this everywhere on laptops,
00:00
on iOS devices,
00:00
even on the Android devices now to your right,
00:00
they can read your fingerprint
00:00
to approve transactions and stuff like that.
00:00
But more recently, facial recognition has come to
00:00
the forefront as another form
00:00
of biometric authentication.
00:00
You'll see this in iOS as well
00:00
>> to unlock your phone with
00:00
>> your face or even
00:00
sometimes you see this with Windows Hello.
00:00
It can just recognize you when you walk up
00:00
to your computer and unlock it for you.
00:00
Less commonly, we still see some places
00:00
where they use a retina or iris scanner.
00:00
It looks at your eyes and determines
00:00
whether or not you are who you say you are.
00:00
A lot of times I see this in really secure facilities.
00:00
Sometimes very secure data centers
00:00
>> will have this thing.
00:00
>> With that, in this lesson,
00:00
we covered the benefits of multifactor authentication.
00:00
Then we talked about the different types of
00:00
MFA such as OTP,
00:00
one-time pad, one-time password,
00:00
hardware and software devices.
00:00
We saw an example of a
00:00
>> RSA hardware and software device.
00:00
>> Tokens and cards;
00:00
the YubiKey versus the CAC/PIV card.
00:00
Then finally, biometrics, your fingerprint,
00:00
your face, all that good stuff.
00:00
Thanks so much for being here,
00:00
>> and I look forward to seeing you in the next lesson.
Up Next