Authentication Ways - something the person knows, has or is

About

Basically, there are three ways to authenticate an individual:

  • by something the person knows,
  • by something the person has,
  • and by something the person is.

All these ways have been used from prehistory until the present day, and they all have different security properties and trade-offs.

Ways

| Authentication | Identification Type | Why |
|---|---|---|
| something the person knows | Group identification | because knowledge can be shared |
| something the person has | Group identification | because something can be copied (a key for instance) |
| something the person is | Person identification | |

something the person knows

During World War II, American soldiers in Europe would ask strangers cultural questions like “Who won the 1940 World Series?” on the assumption that German soldiers wouldn’t know the answer, but every American would.

The biggest vulnerability is that the secret can be transmitted, learned, or stolen.

This is a group identification because knowledge can be shared.

something the person has

The something might be:

Like the “something the person knows” method, anyone can give this to anyone else.

This is a group identification because something can be copied (a key for instance).

something the person is

This is something that is a physical part of the person's body. This is what we normally think of as identification.

When we recognize people, we recognize their physical features.

  • on the telephone, we recognize someone’s voice,
  • cats spray to mark their territory,
  • dogs sniff each other’s butts,
  • whales have individual songs.

More modern versions of this mechanism, called “biometrics,” include:

  • fingerprinting,
  • voice printing,
  • hand geometry,
  • iris and retina scans,
  • and handwritten signatures.

Compared with passwords and tokens, biometrics:

  • can’t be forgotten, although they can be lost. (People can lose fingers in an accident, or temporarily lose their voices due to illness.)
  • can’t be changed. If someone loses a key or an access code, it’s easy to change the lock or combination and regain security. But if someone steals your biometric—perhaps by surreptitiously recording your voice or copying the database with your electronic iris scan—you’re stuck. Your iris is your iris, period.

The problem is, while a biometric might be a unique identifier, it is not a secret. You leave a fingerprint on everything you touch, and someone can easily photograph your eye.




