Authentication is simply proving a claimed identity. I can tell you that I am Kody and I can show you a driver’s license to prove it. If I claim to be John Smith but have no means of verifying my claim, I lack proper authentication. There are three factors used in authentication: knowledge factors, possession factors, and inherence factors. Let’s take a look at what these different factor types mean:
Snoopy, the World War I Flying Ace, has finally figured out how he is going to shoot down the Red Baron. He has developed a new propeller that will allow his plane to maneuver twice as fast. He hides this propeller in his doghouse and wants to be sure that only he can ever have access to it.
To accomplish this goal, he builds a giant steel door at the entrance of his doghouse. This door only opens when a single specific code is typed into its electronic keypad. Snoopy shares this code, his password, with no one. A password is a knowledge factor, meaning it is something Snoopy knows. So far Snoopy has implemented single-factor authentication, meaning that only one of the three factors is being used.
Snoopy is security savvy and knows that relying on single-factor authentication is not good enough when protecting a propeller that could change the entire course of the war. He adds a lock to the door. This lock can only be opened with a unique key that only he has. This key is a possession factor, meaning it is something Snoopy has. Snoopy has now implemented two-factor authentication, meaning two different authentication factors are being used to secure his asset; to gain entrance to the doghouse someone would have to type in the correct password and then use the correct physical key.
Snoopy still isn’t satisfied with his doghouse’s security. He wants to implement three-factor authentication using all three authentication factors to ensure that he, and only he, can enter his doghouse. He adds a paw-print reader to the door. This reader only recognizes Snoopy’s paw. Snoopy’s paw is an inherence factor, meaning it is something that Snoopy is.
The door only opens when the person seeking entry can provide something Snoopy knows, something Snoopy has, and something Snoopy is.
We are all familiar with how authentication relates to information systems. Every time you put in a password after your username you are using single-factor authentication. Whenever you make a withdrawal at an ATM and swipe your card and enter a PIN you are using two-factor authentication. Picture what would happen without authentication: anyone could go to your email claiming to be you and read or write as many messages as they want or could go to an ATM and withdraw as much money from your account as they want!