The Concept of 2-Factor Authentication Essay (Article)

Exclusively available on Available only on IvyPanda® Made by Human No AI

Abstract

The escalating number of reported security susceptibilities taking advantage of the weaknesses of fixed or static password oriented authentication techniques, and the considerable financial/brand loss caused to the ventures due to those susceptibilities are only stressing the fact that the customary fixed password based authentication resolutions are no longer a sufficient shielding instrument for crucial enterprise applications.

This calls for these ventures to critically investigate and embrace multi-factor, tougher, safe, dynamic one-time password based authentication expertise into their IT infrastructure. This article strikes a critical examination of the 2-Factor Authentication with a strong analytical exploration of the pros and cons accruing to this type of authentication.

It is also worth noting that the dynamics in the contemporary society in the field of technologies have exposed the user of the services provided by the service-providers who depend on these technologies to dire vulnerabilities. These vulnerabilities expose the users to “man-in-the-middle attack.” This has therefore made the one level authentication methods for example the use of static passwords, use of fingerprints or even PIN untrustworthy. This is especially true after the Citibank’s scam scandal.

Discussion

Security experts and specialists have long flaunted the need for implementation of stringent security measures for the Web based transaction enterprises. At a glance, 2-Factor Authentication is the technique of human authentication where two factors are used to authenticate. Items like USB tokens and smart cards are increasingly being used in many organizations due to proliferation of online identity theft cases, (Yoon & Kee-Young, 2008).

Fingerprints have been most authoritative method of authentication and have been known historically as an effective method of authentication. However recent developments in criminal activities have proved that this method is no longer worth all the trust.

Tokens

Biometrics

The most common type of biometric data used in authentication is the thumbprint. However, this type of authentication is becoming multi-factor as biometric readers are added on the devices to provide comparison between two data strings during authentication process. This mode could prove to be quite costly especially where it involves a big number of users.

Security Token

Smart cards and USB tokens are the most common forms of security tokens. These security tokens make use of microcontroller technology, a security application, a secured storage area and an OS (Operating System).

Phones

This is a new category of token devices which involves 2-FA tool transforming the phone into the token device through SMS messaging or through by an interactive telephone call. The phone becomes a multi-factor authentication by the fact that the user communicates over two channels. This type of T-FA method reduces logistical costs considerably by scrapping off the need for separate hardware token device though the user incurs the cost of text messaging and data services and cellular calling minutes.

Other types of the tokens include the Smart cards and the Universal Serial Bus which have been discussed above. In smart card, the ATM PIN and the card reader are the factors. Strong authentication has security advantages. Despite this advantage, this multifactor authentication is yet to spread widely in the market. The following are factors contributing to lack of pervasiveness:

Product proliferation

Due to difficulty in deploying the client PC software needed to make the systems work several and in fact most vendors have developed their own installation packages for network login, VPN connection credentials and Web connection credentials. It implies that performing control over so many packages and check for conflicts at the same time becomes difficult.

User password management

Since users have naturally found it difficult to retain one authentication factor for instance a password, and it is very common for users to be expected to retain and remember a number of unique passwords, Two-Factor Authentication does not eliminate this problem either. This is because in this Authentication, one factor acts as a password or PIN code. One probable solution would be to have another factor (a second one) as a biometric rather than having entities that users have to keep in memory.

Interoperability of Authentication

2-Factor Authentication is not standardized. It has various implementations which make it difficult for the T-FA to pervade through.

Cost Effectiveness

Addition of a second factor in the authentication is accompanied with additional cost responsibility of implementation as well as maintenance. This is because it is logistically challenging to deploy hardware tokens.

Password security

The security of the systems and tools used in T-FA is cause for concern too. Since more than a few products of this sort store passwords in plain text for the smart card or the token software, it largely counteracts one aspect of the authentication. Therefore due to this lapse, a prowler may get the password without any problems. However, since it is a multi-factor mechanism, the intruder will still be required to possess the relevant USB token or smart card for his attack to succeed. In conclusion, though the 2-factor authentication helps in mitigating security problem it does not remove the threat completely, (Ashutosh, 2008).

Works Cited

Yoon Eun-Jun; Kee-Young Yoo. “Information Security and Assurance, International Conference” Breaking a Smart Card based Secure Password authentication Scheme, 2008.

Ashutosh, S. “Dynamic authentication: Need than a choice:” Application Security Review journal Group Hyderabad, India; 2008.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2021, October 16). The Concept of 2-Factor Authentication. https://ivypanda.com/essays/the-concept-of-2-factor-authentication/

Work Cited

"The Concept of 2-Factor Authentication." IvyPanda, 16 Oct. 2021, ivypanda.com/essays/the-concept-of-2-factor-authentication/.

References

IvyPanda. (2021) 'The Concept of 2-Factor Authentication'. 16 October.

References

IvyPanda. 2021. "The Concept of 2-Factor Authentication." October 16, 2021. https://ivypanda.com/essays/the-concept-of-2-factor-authentication/.

1. IvyPanda. "The Concept of 2-Factor Authentication." October 16, 2021. https://ivypanda.com/essays/the-concept-of-2-factor-authentication/.


Bibliography


IvyPanda. "The Concept of 2-Factor Authentication." October 16, 2021. https://ivypanda.com/essays/the-concept-of-2-factor-authentication/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
Privacy Settings

IvyPanda uses cookies and similar technologies to enhance your experience, enabling functionalities such as:

  • Basic site functions
  • Ensuring secure, safe transactions
  • Secure account login
  • Remembering account, browser, and regional preferences
  • Remembering privacy and security settings
  • Analyzing site traffic and usage
  • Personalized search, content, and recommendations
  • Displaying relevant, targeted ads on and off IvyPanda

Please refer to IvyPanda's Cookies Policy and Privacy Policy for detailed information.

Required Cookies & Technologies
Always active

Certain technologies we use are essential for critical functions such as security and site integrity, account authentication, security and privacy preferences, internal site usage and maintenance data, and ensuring the site operates correctly for browsing and transactions.

Site Customization

Cookies and similar technologies are used to enhance your experience by:

  • Remembering general and regional preferences
  • Personalizing content, search, recommendations, and offers

Some functions, such as personalized recommendations, account preferences, or localization, may not work correctly without these technologies. For more details, please refer to IvyPanda's Cookies Policy.

Personalized Advertising

To enable personalized advertising (such as interest-based ads), we may share your data with our marketing and advertising partners using cookies and other technologies. These partners may have their own information collected about you. Turning off the personalized advertising setting won't stop you from seeing IvyPanda ads, but it may make the ads you see less relevant or more repetitive.

Personalized advertising may be considered a "sale" or "sharing" of the information under California and other state privacy laws, and you may have the right to opt out. Turning off personalized advertising allows you to exercise your right to opt out. Learn more in IvyPanda's Cookies Policy and Privacy Policy.

1 / 1