什么是两因素身份验证? [英] What is two-factor authentication?

问题描述

我已经承担了寻找和评估一些认证库以用于我们的一种产品的任务，而某些解决方案推动的一项销售功能是两因素认证".

I've been given the task of finding and evaluating some authentication libraries for use in one of our products and one of the selling features being pushed by some solutions is "two-factor authentication".

此方法是什么?如何工作?有没有更好的方法(例如三因素身份验证)?

What is this method and how does it work? Are there better methods (such as three-factor authentication, I guess)?

推荐答案

两因素身份验证是使用两个因素对一个人(或有时一个过程)进行身份验证.

Two factor authentication is using two factors to authenticate a person (or sometimes a process).

这可能是PIN码(您知道的东西)和借记卡(您有的东西).

This might be a PIN number (something you know) and a debit card (something you have).

可以使用许多身份验证因素:

There are many authentication factors that might be used:

认证因素适用于 认证的特殊程序 作为个人的人 明确授予的访问权限. 有不同的因素类型 身份验证:

Authentication factors apply for a special procedure of authenticating a person as an individual with definitively granted access rights. There are different factor types for authentication:

例如，
• 人为因素固有地与个人相关联 生物识别(您是什么").
• 个人因素是在心理上或身体上分配给 以个人为例 代码编号. (您知道的事情")
• 技术因素绑定到物理手段，例如通过， 身份证或令牌. (某事 有")

• Human factors are inherently bound to the individual, for example biometrics ("Something you are").
• Personal factors are otherwise mentally or physically allocated to the individual as for example learned code numbers. ("Something you know")
• Technical factors are bound to physical means as for example a pass, an ID card or a token. ("Something you have")

来自维基百科.

您选择哪些因素取决于所需的访问类型，所需的安全性，成本，尤其是人们愿意忍受的条件.

Which factors you choose depend on the type of access required, security needed, cost, and especially what people are willing to put up with.

人们会因每隔4个月更改一次的强密码而感到恼火，因此您可能会发现员工更愿意使用带有指纹扫描仪的笔记本电脑，他们可以使用弱密码和指纹-两因素身份验证对于用户而言可能更容易.

People get irritated with strong passwords that change every 4 months, so you might find employees happier with laptops that have fingerprint scanners and they can use a weak password and a fingerprint - two factor authentication may be easier for users.

但是其他人可能不喜欢生物识别安全性对隐私的影响，而是会随身携带一个钥匙串设备，该设备会生成随密码一起输入的数字.

But others might not like the privacy implications of biometric security and would rather carry around a keychain device that produces numbers which are typed in along with a password.

高度安全的情况可能需要同时考虑所有三个因素-您所拥有的东西(例如卡)，您所拥有的东西(例如视网膜成像)和您所知道的东西(例如密码).

High security situations may require all three factors - something you have such as a card, something you are such as retinal imaging, and something you know such as a password.

但是随着您添加更多级别，成本和刺激性就会上升.

But the costs and irritation go up as you add more levels.

-亚当

这篇关于什么是两因素身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！