Welcome To Network Systems Training UK Ltd - Telephone 0845 519 7752
0845 519 7752
  • Home
    • Contact Us
    • How We Work
    • About Us
    • Press Centre
  • Training
    • Our Courses >
      • TCPIP - A Practical Foundation
      • TCP-IP and LAN Technologies
      • Beginners Introduction to Networking
      • Routing and Switching
      • Introduction to VoIP
      • Voice over IP with SIP
      • Networking and Systems
      • Practical Introduction to IPv6
      • IPv6 Overview
      • Introduction to Cisco IOS
      • Broadband Technologies
      • The Fundamentals of Fibre Optics
      • Introduction to NGN
      • Next Generation Optical Networks
    • Scheduled Courses >
      • Course Schedule
      • Manchester Schedule
      • Liverpool Schedule
    • Featured Training Courses
  • On-Site Training
  • Training Needs Analysis
  • Training Course Design
  • Online Technical Training
    • Online Training Courses
  • Forums
  • Blog

2 Step vs 3 Step Authentication

2/23/2014

0 Comments

 
A lot of computer systems and websites still user a simple username and password authentication system. We can make our passwords more difficult to a brute force attack by making them longer and more complex with upper and lower case and symbols. One of the problems we have is that most of use have many online accounts that require a password and it is difficult to remember many passwords. I will bet that many people who read this re-use passwords on multiple accounts, and this will lessen the odds of a compromise.

2 step authentication will make it much more difficult for a potential hacker or intruder to access any of your sensitive information. If the system you are logging on to supports 2 step authentication then you should use it. MS Hotmail, Facebook, Google Accounts and some high street banks, to name a few currently offer this form of authentication.

A 2 step authentication system will use one of a number of factors such as something you know such as a password, something you have such as a number generator or smartcard and something you are, that consists of something unique about you. Something you are might be fingerprint or retina recognition or other form of biometrics.

Most of use an ATM card which incorporates a pin number. The pin number is of no use without the card itself, or at least the information on the card. This is an example of a 2 step authentication system. I logon to my bank account online using a simple username and password and an additional number generator supplied by the bank. If someone was to capture your password then without the number generator they would not have full access to my bank account. Both of these examples include something you know plus something you have.

2 step authentication can be compromised, one example being ATM Skimming where additional electronics which scan your card as you insert it into the machine. Combined with a small hidden camera, the thief records your pin number so thief how has something YOU know and something YOU have. There are also versions of malware that can steal information from your computer and hijack sessions to your bank or other online account.

3 step authentication uses all 3 factors, something you know, something you have and something you are. Using 1 step authentication and a four digit pin number, an attacker has around a 1 in 10,000 chance of guessing the pin. By adding something you have such as a smartcard or number generator the odds are significantly greater, in the order of 1 in 10 billion chance. Finally, if you add something you are such as a voice print or retina print then you have now increased the chance of obtaining the information to around 1 in a trillion chance.

The bottom line is that the more steps in the authentication process the more secure the system.

Authentication and security form topics in some of our instructor-led training courses.


0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    RSS Feed

    View my profile on LinkedIn

    Archives

    March 2017
    October 2016
    February 2016
    December 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    November 2014
    October 2014
    August 2014
    June 2014
    April 2014
    February 2014
    January 2014
    December 2013
    November 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013

Powered by Create your own unique website with customizable templates.