Multifactor authentication

From Hill2dot0

Multifactor authentication is authentication that requires the agent wishing to be authenticated to present more than one authentication factor. This strengthens authentication because anyone trying to circumvent the authentication mechanism must defeat multiple items, rather than one. The approach is particularly strong if it combines different types of authentication factor.

For example, when you go to an ATM to withdraw money from your account, you use a bank card to activate the machine. The card is an example of something you have. But you are also asked to provide a personal identification number (PIN) before the machine gives you access to your money. The PIN is an example of something you know. To steal your money, someone needs both the PIN and the card. They may be able to steal the card, but stealing something you know is harder (unless you have done them the favor of writing it on your card, or on a piece of paper you keep in your wallet - which they stole to get your card).

Many network managers issue SecurID cards to their users, which provide the holder with a constantly rotating password. But to protect the network from the theft of such cards, each user is also issued a PIN. To successfully access the system, the user must provide both the number on the card and the PIN, which gives this scheme the same level of security as the bank card and PIN used to access your savings account.
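The server-side check for a token-plus-PIN login can be sketched as follows. This is an added example, not code from the original page: it uses the open RFC 6238 TOTP algorithm as a stand-in for the token's own code generator, and the function names, 60-second rotation step, seed and PIN are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct

STEP = 60  # assumed rotation interval of the token, in seconds


def token_code(seed: bytes, now: float, step: int = STEP, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): the code the token displays at time `now`."""
    counter = struct.pack(">Q", int(now // step))
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def pin_hash(pin: str, salt: bytes) -> bytes:
    """Store only a salted, slow hash of the PIN, never the PIN itself."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


def authenticate(user: dict, pin: str, code: str, now: float) -> bool:
    """Grant access only if BOTH factors verify.

    Both checks always run and a single boolean is returned, so the
    caller cannot tell which factor failed.
    """
    # Something you know: the PIN, compared in constant time.
    pin_ok = hmac.compare_digest(pin_hash(pin, user["salt"]), user["pin_hash"])
    # Something you have: the token. Accept the adjacent steps for clock drift.
    code_ok = False
    for drift in (-1, 0, 1):
        expected = token_code(user["seed"], now + drift * STEP)
        code_ok |= hmac.compare_digest(expected.encode(), code.encode())
    return pin_ok and code_ok


# Constructed sample account (seed, salt and PIN are made up for this example).
SALT = b"constructed-salt"
USER = {
    "seed": b"constructed-token-seed",
    "salt": SALT,
    "pin_hash": pin_hash("4821", SALT),
}
```

A stolen token alone yields a valid code but fails the PIN check, and a guessed or observed PIN alone fails the code check.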

PodSnacks

<mp3>http://podcast.hill-vt.com/podsnacks/2007q3/authentication.mp3%7Cdownload</mp3> | Authentication