1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Maybe it’s time to eliminate “something you know” as an authentication method

Discussion in 'CSO' started by RSS, Aug 27, 2015.

  1. RSS

    RSS New Member Member

    Secure authentication is crucial to protect data and guard your identity from being stolen or hijacked. The vast majority of authentication used today is based simply on a username and password, which has proven time and time again to be inherently insecure. Perhaps it’s time to change our definition of authentication.

    The All-in-One CISSP Exam Guide (a book I *highly* recommend if you’re studying for the CISSP exam) describes authentication like this: “Three general factors can be used for authentication: something a person knows, something a person has, and something a person is. They are also commonly called authentication by knowledge, authentication by ownership, and authentication by characteristic.”

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page