Authentication is the process of identifying an individual, an artifact or something that needs to be identified. We “practice” authentication every time we log in to an account, for example, our computer operating system, hotmail or facebook accounts, a bank application and more.
When we talk about authentication we usually deal with one of the three general options available:
In all the scenarios the information you provide is compared to a database with the information of the entities capable of access the system.
Recently the 2 factor authentication is becoming famous on Internet. Two factor authentication is the combination of two of the above methods when authentication is required. The most common combinations are:
When you want to access, the system will need both elements to be able to validate your identity. You may remember bank applications where you first need to provide a password, username or account number and then you need to provide the information given by the token you have. Probably with every transaction you will need to provide again the information given by the token. These applications use two factor authentication methods.
In high security systems and companies another two factor authentication method is used. They validate something that you have like a security card and validate something from you (personal) like your voice or your fingerprints.
There are some popular applications and services that already use the 2 factor authentication method. Facebook and Google. The option is turned off by default in both systems but you can activate it anytime you want. In Google you just have navigate to your account settings, in the upper right corner, and there you will find an option named “Using 2-step verification”. In Facebook you have to navigate to your “Account Settings” too, then click on “Account Security” and you’ll find interesting options like “Secure Browsing” which is highly recommended to prevent “sniffing”, also “Login notifications” and “Login approvals”. This last option forces the system to send you a message to your mobile when an unrecognized computer or device is trying to access to your account. If that happens you will have also to introduce the code sent to your device.