Strong Authentication

Strong authentication is a notion with several unofficial definitions; is not standardized in the security literature.

Often, strong authentication is associated with two-factor authentication or more generally multi-factor authentication. Soliciting multiple answers to challenge questions may be considered strong authentication but, unless the process also retrieves 'something you have' or 'something you are', it would not be considered multi-factor. The FFIEC issued supplemental guidance on this subject in August 2006, in which they clarified, "By definition true multifactor authentication requires the use of solutions from two or more of the three categories of factors. Using multiple solutions from the same category ... would not constitute multifactor authentication."

Another commonly found class of definitions relates to a cryptographic process, or more precisely authentication based on a challenge response protocol. This type of definition is found in the Handbook of applied cryptography. This type of definition does not necessarily relate to two-factor authentication, since the secret key used in a challenge-response authentication scheme can be simply derived from a password (one factor).

A third class of definitions says that strong authentication is any form of authentication in which the verification is accomplished without the transmission of a password. This is the case for example with the definition found in the Fermilab documentation.

Thus, the term strong authentication can be used as long as the notion strong is defined in the context of use.

Other articles related to "authentication, strong authentication":

Two-factor Authentication - Background
... Two-factor authentication is commonly found in electronic computer authentication, where basic authentication is the process of a requesting entity presenting some evidence of its identity ... Two-factor authentication seeks to decrease the probability that the requestor is presenting false evidence of its identity ... Two-factor authentication is often confused with other forms of authentication ...
History and State-of-the-art - Strong Authentication
... National Information Assurance Glossary defines strong authentication as layered authentication approach relying on two or more authenticators to establish the identity of an originator or receiver of information ...

Famous quotes containing the word strong:

    When we hate a person, with an intimate, imaginative, human hatred, we enter into his mind, or sympathize—any strong interest will arouse the imagination and create some sort of sympathy.
    Charles Horton Cooley (1864–1929)