Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Authentication
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==== Strong authentication ==== The United States government's [[National Information Assurance Glossary]] defines strong authentication as a layered authentication approach relying on two or more authenticators to establish the identity of an originator or receiver of information.<ref name="NCSC-StrongAuthentication">{{cite web|last1=Committee on National Security Systems|title=National Information Assurance (IA) Glossary|url=https://www.ncsc.gov/nittf/docs/CNSSI-4009_National_Information_Assurance.pdf|publisher=National Counterintelligence and Security Center|access-date=9 August 2016|url-status = live|archive-url=https://web.archive.org/web/20161121224542/https://www.ncsc.gov/nittf/docs/CNSSI-4009_National_Information_Assurance.pdf|archive-date=21 November 2016}}</ref> The European Central Bank (ECB) has defined strong authentication as "a procedure based on two or more of the three authentication factors". The factors that are used must be mutually independent and at least one factor must be "non-reusable and non-replicable", except in the case of an inherence factor and must also be incapable of being stolen off the Internet. In the European, as well as in the US-American understanding, strong authentication is very similar to multi-factor authentication or 2FA, but exceeding those with more rigorous requirements.<ref name="Turner-DigitalAuthentication-Basics" /><ref name="ECB-Recommendations">{{cite web|last1=European Central Bank|title=Recommendations for the Security of Internet Payments|url=https://www.ecb.europa.eu/pub/pdf/other/recommendationssecurityinternetpaymentsoutcomeofpcfinalversionafterpc201301en.pdf|publisher=European Central Bank|access-date=9 August 2016|url-status = live|archive-url=https://web.archive.org/web/20161106212218/https://www.ecb.europa.eu/pub/pdf/other/recommendationssecurityinternetpaymentsoutcomeofpcfinalversionafterpc201301en.pdf|archive-date=6 November 2016}}</ref> The [[FIDO Alliance]] has been striving to establish technical specifications for strong authentication.<ref>{{Cite news |last=Seals |first=Tara |date=5 April 2016 |title=FIDO Alliance Passes 150 Post-Password Certified Products |url=https://www.infosecurity-magazine.com/news/fido-alliance-passes-150/ |url-status=live |archive-url=https://web.archive.org/web/20240926182246/https://www.infosecurity-magazine.com/news/fido-alliance-passes-150/ |archive-date=26 September 2024 |work=Infosecurity Magazine}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)