Multi-Factor Authentication Primer

Author: Brian Rhodes, Published on Feb 04, 2013

Can a stranger use your credentials? One of the oldest problems facing access control is making credentials as easy to use as keys, but restricting them to certain individuals. The technique of 'multi-factor authentication' is applied when the end-user is concerned about who actually can use access control credentials. In this note, we examine the concept and detail the ways many access control designers choose to use it.

Multi-Factor Authentication Defined

** ****** *****, *** ******* ***** **** **** **** *** credential **** ** ********* ** ***** ** **** ******. *******, the *********** **** ** '*******' ** * *** **** **** validate **** *****. **** ***** **** *** '*****-******' *******, **** than *** ********** **** ** ************** ********, *** ****** ** option ** **** **** *** **** ** ***** ****.

** * ***** **** ***** ****** ******** ********* *****, *********** scans, ** * ****** **** ** ***** ** ** '***********', two ** **** *********** ***** ** ******* *** *****, *** just ********* ********** ****** *** ********** *** *** **** ** present ** *** ****. *** ***** ***** ***** ** ******* of * ******* '***** ******' ****** ******:


*** ********** ************** '*******' ****** ** *** ** *** **** type, *** **** ** *******, ********, *** ********** ******* ***** of ***********. ***** '****** ******' *** ******** ***** **:

  • ********* *** **** ***: * **********/********** ******* **************** ** *** ****. ********* ** access ******* *****, *****, ** ***. **** ******** * ********** key, ********** **, ** ********.
  • ********* *** **** *****: ********* * **** ** ******** **** ******* ** *** user. ********* * *** ******, *** **** ******* '******** *********' or '**** * ****** ******** *****' *************.
  • ********* *** **** **: ********* ******** **** *** **** ** **** ** *******. Typically ************ ** **** ******, *** ***** ******** ******** ********* face ***********, **********, ******/**** *****, *** **** ****.
  • ******* ******* ******** *** ****: ***** ******* **********, ******* ***** ********** *** *** ******* for *** ****. **** ***** ** * ****** *****, ** even * ************ **** ****** ****** ***** ** ***********.

Different *****

*** ****** ****** ** ******* ******* **** ********* ** ** end-user's ******** ********. ***** ****** ********* ***** *** ******** *** of **** *********** *** ******* *** *******, ***** ****-******** ************* may ******* ***** ** ****. ** ****** *** ******* ***** tiers *****:

*** ******:**** ***** * *********** ** '********* *** **** ***' *** '********* ** *****', **** ** ****** ******* ****** **** *** ************ *** number. **** ** *** **** ***** *** ****, ** ************ finder ****** *** ** ** **** ****** ****** **** **** know * ****, ***** ** ***** **** ** *** ****.

******* *********** ********** ****** *** **** *********, ** ** **** common ** *** *********** ** ***** ************* ******* **** **'********* *** **** **' ** *** ****** **************.

***** ******: **** ******** ******** ** **** ****** ***** ** **********, three ******* *** ********. **** ***** **** ** * *********** of **********, *** *****, *** ****** ******* ***********, *** ****** significantly **** ****** ** ********* *** ****** **** ****** '****** factor' **************.


** * ****** ** **** **** *** **** ** *** this ***** ** **************, ** ** **** ** ******** **************, military, *** ******** ********** *** *** ********* *** ********** ***-*****.

**** ******: *** ******* ***** ** ************** ** ***** **** ** military *** ***** ********* *********, ***** ****** *********** *** **** in *********** **** *** ***** *******. ******* **** ******* ***** the **** **** *** ** *** **** ***** *********, ** typically ** *** ******** ****** *** ******** **** ** **** high *** ******** ******** ** *********.


Multi-Factor ************

**** ***** ****** '****** ******' ************** ** **** ******, *** multiple ******* *** ******** ******** ** ******* ************* ******* ** access *******. **** ***** ******** ********:

  • ATM ********: Not only are debit cards required to be swiped, but PIN numbers are required every time a cash transaction takes place at one of these machines.
  • ******: ********** **** ****** *****, *****, ** *** ***** ******* takes ********* ** ********* '********* *** ****' *** ********* '********* *** ****' ** ******* ****** **********.

**** ** ***** ** ******** ******, *********** **** * ***** role. **** ** ***** ** ******** ***********, ******** ******* *** required.

Single ****** ***** **** ******

* ******** ** ********** ****** ******* ******* *** '****** ******' authentication, *** **** ** ********** *** *** *********** ******** ** most ***-*****. *** ****** ********** **** ** **** ** **** to *** ******** ** *** ******, *** *** ****** ******** (ie: *******, *****) ** ****** ******* **** ******.

*** *********** *** ******* *** **** ****** '****** ******' **********. No ***** ************ ** *** ****** ** ******** **** *** key *** **** ******. ***** ********* ******** ** ****-**** ********** access ***********, ********** **** ***** ******* ** ******** '***** *****' of ******** *** **** ******** ** **********.

*** ***** *******, ***** ******** ******* ** ****** ******** ***** be ********** ******. ******* ******* ********** ***** ****** *** **** expensive, *** ****** ****** ************ ***** ** ******** *** ****** justified ******* ******** *************, ****** ****** ******* *** ******** ****** used.

Comments (19)

Kok Long Pang

10/17/13 08:16am

****** **** *** ** **** ** ***** ****** **************. ** some ******, ** **** ** ***** * ******* (*** * persons) ** ******* ********** ** ******** **** ***** ** ****** to ****** * ****, *** ******* *** ** ***. **** remain ****** ** *** ** **** **** *** *******, ** outside *** ******** **** *****.

Bob Lowden

IPVMU Certified | 04/17/14 01:59am

*** ******* ************ ****** **************** ******* ** ********** * *** ******* ** ******. ********* for ****** ****** ******* ****** ** ****** **** ***** ******'* credentials.

Rukmini Wilson

04/17/14 02:51am

******* *****, **** ***** * ****** **** ** * ***** & ****** ***** *** *** ********* ****** **** ********* ** the **** ******* *** *** ** *** ****, ** **** considered * ***** *** ********* *********? ** ** ** ******** an ********** ********* ****, *.*.,********* *** *****...

Thumbnail pp 5

Brian Rhodes

IPVMU Certified | In reply to Rukmini Wilson | 04/17/14 03:14am

*********** ********.*********** ** ********** * *********, ** ***** ** ****.

****** **** (**** **** '**' ** ** **********) *** ***** checks **** ********* ** *** **** ** *** ****, ** is ** ***** * ***-****** *****: *** - *** **** the ****, *** *** - *** '***' *** ****** *** was ****** *** **** (********* ** **** *********).

** *** ****, *********** ** * **** *********, ***** ** can ****** ** *******. *** **** ** ***** *** * finite ********** ****** *** ************. *** **** ****, *** ** appears ** ************ ****** **** ****. *** *** * ***** something **** * ** **** *** ***** **** ********* ****** if * ** **** *** *****, ** *********** *** ************* that ***** ********** ** ***.

Rukmini Wilson

In reply to Brian Rhodes | 04/17/14 04:12am

*********** ** * **** *********, ***** ** *** ****** ** spoofed.

*** ***** *** *** **** ***** **** ** ** **** the ****** ********-********* ********* *** ******** * *****, **** * very ******* *********, ******* **** ****** *. ******* ******* ** the ********* *** ** **** ****. ***** **** *** * breeze ** ********* * ********** ****** **** **** **** ******* purchases ** ******** **** *** ***** *** ********** *** ********* validation ********** ***********...

** ***** ******* ******* **** **** * '***** ***** ******' panic ******? **** *** ******, **** *** *** ***** **** or *********? :)

*.*. * ***'* **** ***** *** *** * ** * 'warm *****'...

Ed Lunnon

IPVMU Certified | 01/21/15 04:00pm

** *** *** *** ********** ** ****** ********* ** *** facility. ********* *** *** ** ** ******* ***** ******** *** search **** *** *** ***** ***** ************. ****** **** ********* through *** ** *** ***** ****** **** *********, *** *** identifies *** ***** *** **** ***** *** *** ***** ***** print *** ************.

Thumbnail usa shield

Luis Carmona

IPVMU Certified | In reply to Ed Lunnon | 01/21/15 05:36pm

******** *** *** ****** *** ********* (*** ***** ** ***** up *********** *** ************) ** * **** *****, **, *** something * ****** **** *** ********** ******. * **** ******** on *** ******* ** *** ********* ************ ** *** **** about ***** *********.

Thumbnail pp 5

Brian Rhodes

IPVMU Certified | In reply to Luis Carmona | 01/21/15 05:46pm

**** ** ****** '************ ****' *** **** ********* *******.

******** *******'* ******** *********** ********** ** ***********, ***** *** **** ****** ******** **** *** fingerprint ******** *** ********** ****. *** **** ***** * ***** to **** *** ********** **** *** ******, *** *** ****** does *** ******** **** *** *********** ** *** ****** ****** unless *** *********** **** ******* *** *** ********** **** *** card.

Thumbnail saks

Aaron Saks

In reply to Ed Lunnon | 01/22/15 02:00pm

*** **** **** ** ***** ** *** ******** ******, *** the ***** ******* *** *** ****** ***** *** ***** *********** are *****.

*** *******, ** **** ****** **** * **** ****** **** had * **** ***** *** **** ****** ***** *** ****** active ***** *** **** ** **** + *** *** ******* AND *******.

**** ***, *** ***'* **** ******* ****** ** "****" *** biometric ****. *** ***** **** ** ***** *** **** ** card + *** *****.

***** *** **** ***** ***** **** "********" ** **** ** retnia ****** ** ******* ** * ********* ******* ***** **** was * "********" **** *** ******** ** ********* **** ****. Having *** ********** ******* ***** ******* ** ***** *** ****** requiring **** ***** ** ** *****...

Val Tsyrklevich

01/22/15 02:28am

*** ***** *** **** ******** ****, **** *** *** ********** authentication? ****** **** *** *** **** ***********. * ***** ** should ***** ******** ***.

Thumbnail pp 5

Brian Rhodes

IPVMU Certified | In reply to Val Tsyrklevich | 01/22/15 03:04am

**** ********! ***** *** ******* ******* *** ********* ***'* ****** a **** ******, **** ** **** ** * '*****-******' *****:

****: ********* ******* ***** **** ****. ********* **** * ***** fingerprint ** ******** ******** ******* ***** ****. ****** ******** ******* a ****** **** ******* ****'* **** ******* **** **** *** waiting, *** ***** ******* *** ** ******.

********: ******** * *********** ****** ******* *** ** **** ****** summer, *** **** *** ******* ** **** *** ***, *** might **** ************ ********** ** *** ***** ****** ** **** off ****** ****** ** *** ** *** ****. *************, ***** problems ******** ************************** **. ***** *** ***** ******* ***, **** ***** *****, iris ******** ****** *** ***, *** ** **.

*******: **** ****** *** **** ******** ************* **** ********* ********. Some ***** ****** ** '******** ******* ***** ******'. ** *** disagree *** ***** **'* *****, *** *** ******** ** **** with ********** **** ***** ********** ******* *** ******* *********.

**********: ****, *** ******** ** ******* '********' ** ********* *******. For *******, **** *** *** ******* ****** *** ****** * fingerprint *** ** ****. ** **** ******* ** ** ********* choice *** *** *****, *** ** **...

Thumbnail saks

Aaron Saks

In reply to Val Tsyrklevich | 01/22/15 01:50pm

** *** ********** *** ******* *******. *********** ********** *** ** "easily" ******. **, ** *** *** **** ** ****** * "gummy" *********** (****** **...) **** * ****** *****, **** *** have ******. **** ** *** *** **** * ****** ******.

******* ******* ***** ** ******* ******* ** *** ***** ****** on *** *******.

*** ***********, ****** * ****** **** ******* * ***** ******* that ** ** * **** ******, *** *** * **** or *********.

****** * *** **** ******* ******** ****** *** * ***** or ****** **********. ****** ** * ***** ** ******* *** trips * ****** ***** ********** * ******** ******* ******** *** intruder ***********...

Paul Salvato

01/22/15 02:53am

* ** ******** ** *** ******* ***** **** ** ***** community, ***** *** **** **** **** **** ** ** ** enter *** *****. ********* ******* **** *** ***** **** ** include **** **** ** ********** *** *** ** ***** ***** residence.

Kim Mentzer

IPVMU Certified | 01/22/15 04:08am

** *** ***** ** ** ****** * ****** ** * facility **** *** * ******** ******* ** *** **** *** would ****** *** ***** ** *** *** ***** *** ***, then *** *** *** * ****** *** *** ***. * layers ******* *********.

Thumbnail headshot

Daniel Gelinas

IPVMU Certified | 09/24/15 07:59pm

* **** * ****'* **** ** **** *** **** *****, but **** ** ***** *** *******. *'** **** *** ***** readings *** *'* ******* **** ****** ***** ** ****** *********** as * ********* ***********. **** * *** ** ******** ******* News, ****** * *********** * ***** ********* ** *****(*** *** **) *** * ********-**** ************ ****'* **** ** a ****** ******* ******** ** **** ** *** *** ******** seemed ** **** ********* **** *** *** * ******* *** for * ****** *** ****'* **** ** ******** ** ***** a ********** ** ********** ***** ** ***** ***** ***, ***...


*******, * *** **** ** ******* *****, *** * ***'* see ****** ***********--** ********** ** *******--****** ***. *** ****** ********** any **** ** ****** ***********?

******!

Tim Hamilton

IPVMU Certified | 10/13/16 09:27pm

******: ********** **** ****** *****, *****, ** *** ***** ******* takes ********* ** ********* '********* *** ****' *** ********* '********* *** ****' ** ******* ****** **********.

**'* *** **** *** ******** * ******** *** ******** ***** multi-factor **************. **** ******** ************** ******** ** ** ** ******-******, as **** ******** *** ******** *** ********** ********* *** ****. I ***'* ***** * ******** ***** ** ********* * ****, as ** ***'* ** ***** **** ** (**** ** ****** card *** **). * ******* **** **** ** ******* ********+ guide:

*** **** ***** **** ** ************** ** ***** ******** ****** ************** (***)******* **** *** **** ** ************** ** *******. *** ** most ***** *********** ** *** *********** ********/******** ***********.

Thumbnail mmsaltz

Mike Saltzgiver

IPVMU Certified | 10/17/16 06:50pm

**** ** **** ******* ***********!!

Thumbnail steve hannah ii

Stephen Hannah II

04/19/17 11:37pm

***** *** "****" ************** ** **** ** * ***** **** or ** ** ******** ** ******** *****? **** *** ******* me.

Thumbnail pp 5

Brian Rhodes

IPVMU Certified | In reply to Stephen Hannah II | 04/20/17 12:16am

*'** *** **** ************ ********** *** ** '****' **********.

*******, ***** *** ******* '****** ** *******' ****** ** ********** that **** **** (******) ****** ****** ** ****** ** *** sensors (**: **** ***** **** **** ** ****** ******,*** *********).

* ** ***** *** ****** ** ****** **** **** ******** gait ** * *********, *** ******* ***** *** '****** *********' is *****.

*******, ***** ** ** * ***** **** ** ***** ** after * ******* ** ********, *** * *** ****** *** differences ** ** *** ****. :)

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Hikvision Access Control Tested on Oct 19, 2017
Hikvision aggressive pricing and marketing combined with generally reliable hardware and free software has made them a major player in video...
Deep Learning Tutorial For Video Surveillance on Oct 17, 2017
Deep learning is a growing buzzword within physical security and video surveillance. But what is 'deep learning'? In this tutorial, we explain...
Multipoint Lock Access Control Tutorial on Oct 17, 2017
Doors are notoriously weak at stopping entry, and money can be misspent on wrong locks that leave doors quite vulnerable. While closed and locked...
PoE Powered Access Control Tutorial on Oct 12, 2017
Powering access control with Power over Ethernet, like for IP cameras, has become increasingly common.  However, the demands for access power are...
Dahua Access Control Tested on Oct 10, 2017
Can Dahua become a major force in access control? We bought Dahua's ASC1202B to find out. We tested Dahua access and its management application...
Exporting Video Surveillance Tutorial on Oct 05, 2017
Exporting video surveillance is important when incidents or crimes occur. However, there are multiple ways to export video which have their pros...
Delayed Egress Access Control Tutorial on Oct 04, 2017
Is it ever legal to lock people into a building? The answer is: Yes... under specific situations. With so much of access control driven by life...
Propped Doors Access Control Tutorial on Sep 28, 2017
Doors should keep 'bad guys' out. One of the most basic problems with doors is people propping them open: Even worse, door propping...
Access Control Job Walk Guide on Sep 26, 2017
Significant money can be saved and problems avoided with an access control job walk if you know what to look for and what to ask. By inviting...
Genetec Launches Cloud Access Control (Synergis SaaS) on Sep 21, 2017
Genetec's cloud everything expansion continues, with their announcement of Synergis SaaS edition, joining their cloud video offering Stratocast,...

Most Recent Industry Reports

Hikvision Access Control Tested on Oct 19, 2017
Hikvision aggressive pricing and marketing combined with generally reliable hardware and free software has made them a major player in video...
Verkada, Silicon Valley VSaaS Startup, Targets Enterprise on Oct 19, 2017
Verkada says they are building an enterprise-class VSaaS offering, calling it "The new platform for video security". This is a departure from the...
Exacq Unbreaks Avigilon Integration on Oct 18, 2017
For nearly 4 years, Exacq had broken and effectively blocked use with Avigilon cameras, as IPVM reported in January 2014. Now, Exacq has...
Search More Important Than Live Monitoring - Statistics on Oct 18, 2017
Search is overall more important than live monitoring to integrators, according to new IPVM statistics.  The key themes found in integrator...
Axis 'Sold Out' P3707-PVE Multi-Imager Tested on Oct 18, 2017
Axis faced significant product shortages over the summer. Perhaps the most notorious and significantly sold out model was the Axis P3707-PE 8MP...
Dahua Removes Auto Rebooting on Oct 17, 2017
For years, Dahua has automatically programmed its IP cameras to reboot weekly, a highly atypical and questionable practice. Following IPVM...
Deep Learning Tutorial For Video Surveillance on Oct 17, 2017
Deep learning is a growing buzzword within physical security and video surveillance. But what is 'deep learning'? In this tutorial, we explain...
Multipoint Lock Access Control Tutorial on Oct 17, 2017
Doors are notoriously weak at stopping entry, and money can be misspent on wrong locks that leave doors quite vulnerable. While closed and locked...
Buy From B&H, Ship Direct From ADI on Oct 16, 2017
B&H, one of the largest online sellers of video surveillance equipment to end users, regularly purchases their video surveillance equipment...
Competing Against Siemens on Oct 16, 2017
Siemens entered the integration business with 15,000+ customers, through their acquisition of Security Technologies Group in 2001. Since that time,...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact