The IT Law Wiki

Two-factor authentication

32,076pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Existing authentication methodologies involve three basic “factors”:

Two-factor authentication (T-FA) requires that a user present two of the three possible factors to the authentication mechanism.

Overview Edit

A known flaw in some T-FA systems is the server storage of a hash representation of the credentials contained on the smart card or token. With this in hand, the attacker can replay that data to the authentication system; in this case, that of the proxy server, without needing the smart card or token.

Two-factor authentication is still susceptible to man-in-the-middle attacks.

See also Edit

External resource Edit

Also on Fandom

Random Wiki