TWO FACTOR AUTHENTICATION, MULTI FACTOR AUTHENTICATION, TWO STEP AUTHENTICATION
What are the following types of authentication?
- multi-factor
- two-factor (2FA)
- two-step
Two-factor authentication is a subset of multi-factor authentication (ie, almost no one does three-factor authentication).
Multi-factor authentication has a rigid definition. It is using more than one of the following authentication factors…
- something you and only you know (ie, password)
- something you and only you have (ie, a token)
- something you and only you are (ie, a fingerprint)
SMS or an App doesn’t count as something “you and only you have” (reference, reference 2 added 22-Mar-2019). You can’t touch (have) SMS, and cell site maintenance personnel can easily intercept an SMS message. You also can’t touch an App, and phones can be cloned so others can have an app that functions exactly like yours. Use of one of this type of methods of secondary authentication methods that “you and only you” can’t “have” are considered two-step authentication. Note, the second step is frequently an out-of-band verification.
An interesting option that may greatly simplify authentication is a “single-step” shared secret out-of-band verification called SQRL. Something to keep an eye on.
Keywords: identity, verification, authorization, 2fa, 2factor, 2step, two factor, two step, multi factor