Two-Factor Authentication
Mark Stanislav author IT Governance Publishing editor
Format:Paperback
Publisher:IT Governance Publishing
Published:16th Apr '15
Currently unavailable, and unfortunately no date known when it will be back
Passwords are not enough A password is a single authentication factor - anyone who has it can use it. No matter how strong it is, if it's lost or stolen, it's entirely useless at keeping information private. To secure your data properly, you also need to use a separate, secondary authentication factor. Data breaches are now commonplace In recent years, large-scale data breaches have increased dramatically in both severity and number, and the loss of personal information - including password data - has become commonplace. Furthermore, the fact that rapidly evolving password-cracking technology and the habitual use - and reuse - of weak passwords has rendered the security of username and password combinations negligible, and you have a very strong argument for more robust identity authentication. Consumers are beginning to realise just how exposed their personal and financial information is, and are demanding better security from the organisations that collect, process and store it. This has led to a rise in the adoption of two-factor authentication (TFA or 2FA). In the field of authentication security, the method of proving identity can be broken down into three characteristics - roughly summarised as 'what you have', 'what you are' and 'what you know'. Two-factor authentication relies on the combination of two of these factors. Product overview TFA is nothing new. It's mandated by requirement 8.3 of the Payment Card Industry Data Security Standard (PCI DSS) and banks have been using it for years, combining payment cards ('what you have') and PINs ('what you know'). If you use online banking you'll probably also have a chip authentication programme (CAP) keypad, which generates a one-time password (OTP). What is new is TFA's rising adoption beyond the financial sector. Two-Factor Authentication provides a comprehensive evaluation of popular secondary authentication methods, such as: Hardware-based OTP generation SMS-based OTP delivery Phone call-based mechanisms Geolocation-aware authentication Push notification-based authentication Biometric authentication factors Smart card verification As well as examining MFA (multi-factor authentication), 2SV (two-step verification) and strong authentication (authentication that goes beyond passwords, using security questions or layered security), the book also discusses the wider application of TFA for the average consumer, for example at such organisations as Google, Amazon and Facebook. It also considers the future of multi-factor authentication, including its application...
ISBN: 9781849287326
Dimensions: 198mm x 129mm x 6mm
Weight: 118g
1 pages