--Originally published at Allow Yourself to fail and learn… and hack
Authentication is a big issue when talking about security. If there’s an access control it means there’s information we are protecting and we have a huge responsibility to make sure this door to info maintains closed to people not allowed to open it, not even peeking on it to see what’s on the other side.
To make sure we are providing maximum security there are ton of methods to prove access. Some of the methods are based purely on software, sometimes validating on the side of the server, sometimes on both, and sometimes requiring also of extra hardware. To give some example I’m going to show you the most commons out there.
There exist the common authentication of the user providing the username and password, followed by the server verification of the correctness and existence of the input. There are more fancy methods such as double authentication provided by the client and the server simultaneously.
Two steep authentication
SMS: using a cellphone a code is sent to the user to warrant its identity.
Email: same as previous but sending the code through electronic mail.
App notification: uses the connection with an app to send the code and provide access.
Hardware authentication
This double step authentication is one of the more popular out there. Most of the bank companies use this method to provide access to their online services. Can be achieved thanks to the use of those tiny devices with a screen refreshing a code every 15 seconds.
Biometric access control?
Yeah nowadays that is a thing, unlocking devices and log in to services by using your retina or your fingerprint is not only a sci-fi movie thing anymore, many smartphones and computers use this authentication as the main authentication method. It has proved not only that is more secure but also
Extra: Watch how Uber is implementing Microsoft’s cognitive service to authenticate drivers. A natural and simple authentication step.
References:
