I like to use the single sign one solution through Dashlane, but of course, has some downsides if somebody has access to your master password. Also applying always Least Privilege to the work level is advised.
I found this image http://blog.centrify.com/wp-content/uploads/2016/12/adaptivemfa.png
Which is capable to show how this authentication processes is done.
In addition, Summarizing multi-authentication is not always unanimous as we can here at https://security.stackexchange.com/questions/68009/four-factor-authentication
From this specific question, we can get a sense of how one question could be interpreted differently and some of them created, even more, ways to see the multi-factor authentication.
(1) something you know =username and password combination or a pin
(2) something you have =bank card, mobile device, smartwatch
(3) something you are =biometrics like fingerprints, retina scans, or voice recognition.
(4) something you do =signing their name
Pompon, R. (2016) condenses: “You can combine at least two of these things to be multi-factor authentication. A certificate, a fingerprint, or a token by itself is not two-factor authentication. You must combine the factors. This is why tokens and bank cash cards have PINs associated with them and passports have your photograph. The security comes from raising the difficulty of impersonating the user by a compromise of one of the factors. You may duplicate her fingerprint but you still need her password to log in. This is why IPsec virtual private networks use a combination of shared secrets (something you know) and IP addresses (something you are). Software objects combine something that you are, like checksum hashes and embedded digital keys (something you have).”
This case of duplication of a fingerprint can be checked on my references.
References:
Pompon, R. (2016). IT security risk control management: An audit preparation plan.
Four-factor authentication. (n.d.). Retrieved from https://security.stackexchange.com/questions/68009/four-factor-authentication
No comments:
Post a Comment