Cookie
Electronic Team uses cookies to personalize your experience on our website. By continuing to use this site, you agree to our cookie policy. Click here to learn more.

Multi-factor Authentication and Authentication with a Security Key

Olga Weis Olga Weis
Nov 24, 2022

Multi-factor authentication (MFA) is a multi-layered approach to security and is a core concept in identity and access management. MFA extends the traditional username and password combination and it can include additional hardware and even make use of biometric technology. With a minimum of two levels of security (2FA), even if the first level is breached, the second authentication layer provides additional peace of mind. MFA works on the basis of three factors namely: something you are (face or voice recognition, fingerprints etc), something you know (like a password, or your favorite color) and something you have (a smartphone or OTP).

The two terms multi-factor authentication and two-factor authentication are often used interchangeably. 2FA falls within the realm of MFA as multi-factor demands a minimum of 2 levels of security.

What are the different types of multi-factor verification?

There are a number of different types of MFA available and in use in our daily lives. Here are some of the most common ones:

Security Keys

A security key falls under the category of passwordless hardware authentication as it makes use of a portable USB dongle that is registered to a specific user account. By inserting the key, the user can prove they are physically present.

Smart Cards

Smart cards work with embedded memory chips that are capable of storing data. In order to read data from a smart card, it has to be inserted into a reader. Smart cards fall into two categories: contact and contactless. Contactless cards makes use of Near Field Communication (NFC) technology which allows for wireless connections.

Biometrics

Biometrics makes use of a person's physical attributes for authentication. Instead of providing a username for verification, there are a number of options available including fingerprint mapping, retina scanning and facial pr voice recognition.

Magnetic Stripe Cards

Magnetic stripe cards transmit data via magnetic labels. Pertinent data is stored on the card using magnetic storage media. The card needs to be swiped through a magnetic card reader in order to access the data.

Security tokens / mobile devices

Security tokens (STOs) and mobile phones as authentication are relatively new in the world of authentication. Mobile devices embrace the "something you have" factor of MFA. A smart phone is able to generate a token using a key that is shared with an authentication system.

Challenge / response

Challenge/response authentication mechanism (CRAM) involves a question/answer format. In order to be authenticated, a correct answer must be provided. The question or challenge can be static or dynamic. A common static example is the classic "I'm not a robot" declaration where a user simply selects a checkbox. A popular dynamic CRAM is CAPTCHA or the Completely Automated Public Turing Test to Tell Computers and Humans Apart. This often asks users to click and select various images that meet a certain condition, or they have to identify randomly generated characters.

What is a Security Key?

Each USB device or key has a unique code, and by simply pressing a button on the key, this is translated as keystrokes and read by the browser. With a security key, someone wanting access needs to know the passcode and/or PIN and be in possession of the physical device -the key serves as the second factor in 2FA - thus a two-step verification process is enforced.

How do security keys work?

Security keys are available for different USB ports. A Security Key makes use of different protocols, the most popular being FIDO2. FIDO2 does away with passwords and shared secrets.

A key is programmed to work within a specific domain. When you insert the key into your USB port, a site that supports key authentication will prompt you to insert the key and tap the button.

The browser sends a challenge to the key which is then signed by the key using U2F. The challenge will be encrypted and the data will include the current browser name, making it that much harder to launch a phishing attack.

Sometimes you may need to access a security dongle remotely, for example running a virtual machine or working on another computer in the same network. Thats where Donglify comes in handy. This app allows you to share access to a single dongle remotely.

WIth Donglify you will not face any problems while using security key authentication method.
Donglify
Start your free trial today
7-day Trial • Cancel anytime
4.5 Rank based on 198+ users
Read all reviews
Available on Windows 7/8/10/11, Server 2008 R2/2012/2016/2019/2022, Windows 10/11 on ARM, macOS 10.14+
Already a Donglify user? Sign In →

Conclusion

In an online world where there's always a risk of data being stolen or systems being hacked, you can never be too careful with security. Mitigate the risk of phishing and loss of data by incorporating a two or more factor authentication system. With the advancement of technology, you are spoilt for choice as to which systems you wish to implement according to your specific requirements and budget.

Start your free trial today
7-day Trial • Cancel anytime
Already a Donglify user? Sign In →