Describe and discuss common authentication types

Common authentication types are-

  • Something a user knows, and others, mostly, wouldn’t-
    • Username and password

Almost all websites have users to register with a username and to set a password known only to them

  • Security questions – mother’s maiden name, street where you grew up, name of first pet etc.
    Some websites like Gmail, Yahoo!, United Airlines, and even the Saint Leo portal asks users to enter answers to personal questions – to add a layer to protection if they forget their password.
  • Something a user has, exclusively, and others don’t have access to-
    • PIN code sent to mobile phone
      Websites like Gmail, Facebook, Yahoo! allow users to register along with a personal cell phone number and they use this to push PIN code texts. The user must have access to their device, view the text and enter the code into the website to be authenticated.
    • Smart card
      Security system can make use of smart cards to authenticate.
    • Access to a secondary email id
      Websites send PIN numbers to secondary email-ids (similar to sending a PIN to a mobile phone)
  • Something a user is (not very common, but slowly growing in popularity)-
    • Biometrics
      • Iris/retina scan
        Highly-secured digital safes employ eye scan authentication.
      • Fingerprint
        Most Windows 7 and 10 machines and iPhones allow for finger print authentication

A lesser common mode of authentication is-

  • Someone the user knows

Facebook uses a form of this type of authentication, and asks users to identify their “Facebook friends’” pictures by name when the user cannot get authenticated by their password.