Strong authentication definition
Strong authentication refers to any method of verifying the identity of a user or device that is considered tough enough to defend the system it is set up to protect. While strong authentication usually consists of two or more factors, sometimes even single-factor authentication is considered strong.
See also: access control entry, authentication server, two-factor authentication, one-time password
How does strong authentication work?
Usually, strong authentication relies on authenticating multiple factors such as something the user knows (a password), something the user has (a physical token or smart card), or something the user is (biometric data). This way it is able to provide a higher level of security than traditional authentication consisting of a username and password.
Types of strong authentication
- Two-factor authentication (2FA). This involves using two forms of authentication to verify a user's identity. For example, a password and authentication using an app.
- Multi-factor authentication (MFA). It’s just like 2FA, but has more layers of authentication. For example, a password, a physical card, and a fingerprint scan.
- Certificate-based authentication. This uses digital certificates to verify the identity of a user or device.
- One-time passwords ( OTP ). This involves generating a unique password that is only valid for a single login session or transaction.
- Risk-based authentication. It uses contextual information, such as the user's location and their behavior patterns.