The IT Law Wiki

Two-factor authentication

31,967pages on
this wiki

Definition Edit

Existing authentication methodologies involve three basic “factors”:

Two-factor authentication (T-FA) requires that a user present two of the three possible factors to the authentication mechanism.

Overview Edit

A known flaw in some T-FA systems is the server storage of a hash representation of the credentials contained on the smart card or token. With this in hand, the attacker can replay that data to the authentication system; in this case, that of the proxy server, without needing the smart card or token.

Two-factor authentication is still susceptible to man-in-the-middle attacks.

See also Edit

External resource Edit

Around Wikia's network

Random Wiki