Multi-Factor Access Control Authentication Guide

By: Brian Rhodes, Published on Dec 10, 2018

Can a stranger use your credentials? One of the oldest problems facing access control is making credentials as easy to use as keys, but restricting them to certain individuals.

Multi-factor authentication is used when the end-user is concerned about who can use access control credentials. In this guide, we explain the concept and the elements involved, including:

  • What Does Multi-Factor Authentication Mean?
  • What Benefits Multi-Factor Offers
  • The Four Factor Types Available
  • Which Factors Are Common For Access Control
  • What Drawbacks Multi-Factor Authentication Have
  • Why Single Factor Authentication Is Still Common

*** * ******** *** your ***********? *** ** the ****** ******** ****** access ******* ** ****** credentials ** **** ** use ** ****, *** restricting **** ** ******* individuals.

*****-****** ************** ** **** when *** ***-**** ** concerned ***** *** *** use ****** ******* ***********. In **** *****, ** explain *** ******* *** the ******** ********, *********:

  • **** **** *****-****** ************** Mean?
  • **** ******** *****-****** ******
  • *** **** ****** ***** Available
  • ***** ******* *** ****** For ****** *******
  • **** ********* *****-****** ************** Have
  • *** ****** ****** ************** Is ***** ******

[***************]

Multi-Factor ************** *******

*** ******* ***** **** more **** *** ********** must ** ********* ** order ** **** ******. However, *** *********** *** 'layered' ** * *** that **** *********** **** other.

Four ************ *******

*** ********** ************** '*******' cannot ** *** ** the **** ***** *** are ********* ********** ******* types ** ***********. *** 'factor ******' *** ******** cited **:

  • ********* *** **** ***: * **********/********** ******* administratively ** *** ****. Typically ** ****** ******* badge, *****, ** ***. Also ******** * ********** key, ********** **, ** passport.
  • ********* *** **** *****: ********* * **** or ******** **** ******* by *** ****. ********* a *** ******, *** also ******* '******** *********' or '**** * ****** Security *****' *************.
  • ********* *** **** **: ********* ******** **** the **** ** **** to *******. ********* ****** or **** ****** *** used, *** ***** ******** possible ********* **** ***********, heartbeats, ******/**** *****, *** even ****.
  • ******* ******* ******** *** User: ***** ******* **********, another ***** ********** *** and ******* *** *** user. **** ***** ** a ****** ***** ** even * ************ **** grants ****** ***** ** familiarity.

Multiple ******* ********** ************

**** ** ***** ** securing ******, *********** **** a ***** ****. **** it ***** ** ******** credentials *** ******** **** the ***** ****** *** using ****, ******** ******* are ****** **** ** the ******** ******* *** weak.

* ******** ******* ** many *** ***-****** ***** and **** **** *** automatic ****** ********. **** credential, **** **** *****, is **** *** ****** defeated ** ****** *** malicious ***.

*******, **** ** ******** do *** ******* ********* embedded *****, ***** *** card ** ********* ******** with * ********* ***.

** *** ****, *** only *** ***** ***** required ** ** ******, but *** ******* *** required ** ** *******. This ***** ************ ****** factors ******** ** ********* them **** ******** ****** of **************.

Multi-Factor *******

** * **** ***** reader ******** ********* *****, fingerprint *****, *** ****** codes *** '*****-******' *******, two ** **** *********** would ** ******** *** entry, *** **** ********* credential ****** *** ********** for *** **** ** present ** *** ****.

*** ***** ***** ***** an ******* ** * typical '***** ******' ****** device:

*** ******* **** ******* support ****. *** *******, this *****-****** ****** **** ****** ******** ********* **** ***/** voice ************** ******* ** the **** ****** ***********:

Different *****

*** ****** ****** ** applied ******* **** ********* to ** ***-****'* ******** concerns. ***** ****** ********* about *** ******** *** of **** *********** *** require *** *******, ***** high-security ************* *** ******* three ** ****. ** define *** ******* ***** tiers *****:

Two ******* 

**** ***** * *********** of '********* *** **** ***' *** '********* ** *****', **** ** ****** Control ****** **** *** accompanying *** ******. **** if *** **** ***** the ****, ** ************ finder ****** *** ** to **** ****** ****** they **** **** * code, ***** ** ***** only ** *** ****.

******* *********** ********** ****** are **** *********, ** is **** ****** ** see *********** ** ***** physiological ******* **** **'********* *** **** **' ** *** ****** authentication.

Three *******

**** ******** ******** ** even ****** ***** ** validation, ***** ******* *** required. **** ***** **** is * *********** ** biometrics, *** *****, *** access ******* ***********, *** become ************* **** ****** to ********* *** ****** than ****** '****** ******' authentication.

** * ****** ** both **** *** **** to *** **** ***** of **************, ** ** used ** ******** **************, military, *** ******** ********** but *** ********* *** commercial ***-*****.

Guard/Verification ******

*** ******* ***** ** authentication ** ***** **** at ******** *** ***** sensitive *********, ***** ****** checkpoints *** **** ** conjunction **** *** ***** factors. ******* **** ******* takes *** **** **** and ** *** **** labor *********, ** ********* is *** ******** ****** the ******** **** ** very **** *** ******** manpower ** *********.

Multi-Factor ************** *********

******* ******** ****** ************ of *****, *****-****** ************** has *********.

*** ******* *********** *** is *** ********** **** required ** ******* ** manipulate *** ********** **********. Especially *** ******** ***** high ***** ******* *** needed, ****** **** **** to ******* **** *** additional ****** ***** *** more **** * *** seconds *** **** ****, potentially ****** ** ** many ******* **** *** course ** *** *****.

******* ********* ****** ** the ********* ***** ** multiple ****** ******* **** simple, ****** ****** ***** like *********** *******. * combination *****-****** ****** ** often $*** - $*,*** more **** * ******-****** unit ******* $*** - $300. **** *** ****** of **** * ***** system **** * - 4 *****, ***** *****-****** readers *** ******** ***** by *********.

Single ****** ***** ******

* ******** ** ********** access ******* ******* *** 'single ******' **************, *** this ** ********** *** the *********** ******** ** most ***-*****. *** ****** credential **** ** **** is **** ** *** identity ** *** ******, and *** ****** ******** (ie: *******, *****) ** recorded *** **** ******.

*** *********** *** ******* the **** ****** '****** factor' **********. ** ***** verification ** *** ****** is ******** **** *** key *** **** ******. While ********* ******** ** high-tech ********** ****** ***********, mechanical **** ***** ******* an ******** '***** *****' of ******** *** **** millions ** **********.

*** ***** *******, ***** multiple ******* ** ****** identity *** ** **** to *******. ******* ******* supporting ***** ****** *** more *********, *** ****** manned ************ ***** ** overhead *** ****** ********* without ******** *************, ****** factor ******* *** ******** method ****. *******, **** risks **********, ***** ** an ********** ********** ** strengthen ********.

Comments (15)

Undisclosed #1

12/11/18 01:45am

**** ****'* ******* **** this ** *** *** mobile ******. *********** *** provide *********, *** & gesture ** *** **** you *** ** **** you ****. *** ***** is **** *** ****. There *** ******* ********* that ***** **** *** with **** ****** *********** implementations. 

*** ** **** ********* the **** *** ****** biometric *******, *** ********* allow *** ************* *** ability ** ******* *** by *****/******, ****/**** *** schedule.

 

Undisclosed Integrator #2

In reply to Undisclosed #1 | 12/11/18 01:17pm

**** *** ****** ***'* like ******** *** ***** phones. *** *** **** so **** **** ***** for ******* ***** ******* without ****** *** **** you **** ** ****** have ****** *******, ** activate *** **** *** a ****.

Avatar

Brian Rhodes

IPVMU Certified | In reply to Undisclosed #1 | 12/11/18 04:58pm

******, *******, ** ****** devices *** * ******** medium, *** **** *** '********* *** **** *****'**** ***** ****** ******* would.

** ** ****, **'* an ********* ** *** existing ******* *********, *** isn't *********** *** ** additional.  

*** **** **** ****, if *'* *** *******, then ********* ** **** add **.  **'* ** interesting ************** ** ***, I'm **** *** ************ that ** ** * new ****.

Undisclosed #1

12/11/18 01:21pm

****** **** *** ******** makes *** *** **** phone ******* * ******, but ***** *** *************** where *** ***'* **** need ** **** **** phone *** ** **** pocket *** ****** ***** you *** **** **** request ** *** ******** the **** ** * more ******* ***.

Undisclosed Integrator #2

In reply to Undisclosed #1 | 12/11/18 01:56pm

****, *** ** ** it's *** **** **** more ******. *** ** you ***'* **** ** take **** ***** ***, then ***** ** ** app *** ************* ****** (either ********* ** ***) always ***** ******* **** at ***** **% ** people **** ******** *****, and **** ** ***** will ******* ** ** upper **********. :)

*** ********* ** *** has ****** **** ********* people's **********, ****** *** expectations.

Avatar

Fabian Muyawa

LONTECH SYSTEMS | IPVMU Certified | 12/11/18 02:54pm

***** ** ** ***** Video **** ** ** integrated **** ****** ******* in *** **** ** maglocks **** ******** ******* and ** **** ******* tied ** ********** ***** to ****** *** *** accessed * ****.

**** **** ******* ** be * ******* **** of **********.

Undisclosed Integrator #2

In reply to Fabian Muyawa | 12/11/18 04:16pm

******, ** ** ****, video ** **** **** would ** *** "************", not ******. ********* ** was *** ******* ****** using *** ********** ** gain ******. ****** ** is * ****** ***** station ***** ***** ** see *** ** ** the **** ******* ******.

Avatar

Brian Rhodes

IPVMU Certified | In reply to Fabian Muyawa | 12/11/18 05:02pm

** ***** *** **** the ****** **** - '******* ******* ******** *** User'.  ** ***** ** somewhat ***** ** ** this **** ******** *** cameras (****** ***** **** outside *** ***, ** the ***** *** ** poor *******, ***) *** I ***** ** ***** fall **** **** ********.

Undisclosed #3

12/11/18 04:11pm

****** ********** *************** *** clearly ** *** **** as **** * ******* end ***** **** ********** and **** ***** ***** to ******** **** ****** to ***** ***** ****, data ******* ** ****** doors. ******* *****...******** & habit ******. ** ** use *** ****** *** *** personal ***, ** ***'* mind ******* ** ** App, *** **** ** is ******** ** *** company ** ************ * person ** *** ****** and *** ****** ** the ******, ********** ** change ** ***** ** pilots. ** *** ***** hand, *'* *** ***** to **** ** ***** on * ******* *** day.

Avatar

Fabian Muyawa

LONTECH SYSTEMS | IPVMU Certified | In reply to Undisclosed #3 | 12/12/18 10:44am

********* **, *** **** implementation ******* ** **** integrate **** **** ***** intercoms

Avatar

John Bredehoft

Idemia | 12/11/18 07:09pm

**** *** ****** ****** need ** ** * person? *** *******, ** someone **** *** ******* badge, ***, *** ********* appeared ** *** **** at *:****, ***** ** AI ********* ****** **** this ******** ** ********** with *** *** ****** usually *******?

** ***** **** ** more ** * ********** biometric, *** **** ********** as "********* *** ***"?

Undisclosed End User #4

12/12/18 03:40pm

*** ***** ************/******* ******* verifies **** **** *****'* *********** need ** ** ***** intensive.  *** ********, ********* Command ****** *** * feature ***** *** *** set ** '**********' ** doors, ***** *** ***** at *** ******* ****** gets ******** ******** *** badged at *** ****, *** give *** ***** * set ****** ** **** to ***** ** **** the *******.  ** *** show * **** ****** **** with ******** * *** audio, ** **** ** any ******** **** ******, such ** ******, **** you ******* ** **.  As **** ** *** already **** * ****** monitoring *** ****** ******* system and ***'* *** ** on ***** **** **** constant ******* ** *** be **** **********. 

************ ***** *** **** you *** ******* ********* so ***** ***** ** be * ********* *********** badging ******** ** **** a ****, ** * "host" **** ********** ***** to ***** ***** *** a "*******" **** ********** to ** **** ** scan ***** ***** *** get * ***** *****.

Undisclosed Integrator #5

04/24/19 03:00am

* ********** ******** ******* and * *** **** your *** ******, ******’* it ** ******* ** have ** ****** ******** for *** **** **** if ******* *** *** allowed ** ** ** work ****** *** ***** a *** **** *** set *** ****** ** email ** ***** ** the ******** ******* ***** would ******* *** **** holder *********** *** *** the ***** ** ****** if ** ** *** actual ****** **** ******.

Avatar

Brian Rhodes

IPVMU Certified | In reply to Undisclosed Integrator #5 | 04/24/19 03:07am

 ******’* ** ** ******* to **** ** ****** schedule *** *** **** door ** ******* *** not ******* ** ** at **** ****** *** after * *** **** and *** *** ****** to ***** ** ***** to *** ******** ******* which ***** ******* *** card ****** *********** *** yes *** ***** ** verify ** ** ** the ****** ****** **** holder.

****, *** ***** *** many ***** ****** ** needed *** *********** **** falls ******* ** ****** schedules. (******* ****/********, ***)

****, **** ********** ****** do *** **** ******** staff ******** ********** ****** systems ** ***** ************ for ************.

** *******, ****** ****** ******* ****** *** Schedules ** * ***** **** regardless!

Undisclosed #1

04/24/19 01:41pm

** **** ** *** eveyone's *************. ** **** in * **-******* *****, the ***** **** ****** control. *** ** *** doors ** ********** ***** had * **** ******* the **** ****. ** you'd ***** ******** ********** would *** ** *** a **** ** **. Nope, **** ******** *** other ***...Access control defeat device

**** **** **** **** included *** ************...

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Open Access Controller Guide (Axis, HID, Isonas, Mercury) on Sep 19, 2019
In the access control market, there are many software platforms, but only a few companies that make non-proprietary door controllers. Recently,...
Directory of 68 Video Surveillance Startups on Sep 18, 2019
This directory provides a list of video surveillance startups to help you see and research what companies are new or not yet broadly known. 2019...
Installation Course - Last Chance - Register Now on Sep 12, 2019
Last Chance - Register Now - September 2019 Video Surveillance Install Course. Thursday, September 12th is your last chance to register for the...
Fingerprints for Access Control Guide on Sep 09, 2019
Users can lose badges, but they never misplace a finger, right? The most common biometric used in access are fingerprints, and it has become one...
Mobotix First CNPP CCTV Cybersecurity Certification Examined on Sep 05, 2019
Mobotix recently became the first video surveillance manufacturer to receive the CNPP cybsersecurity certification for its cameras, in which they...
Assa Acquires LifeSafety Power on Sep 04, 2019
Assa Abloy is acquiring LifeSafety Power, adding to their growing collection of access control brands like Mercury, August, Pioneer Doors, and...
Register Now - October 2019 IP Networking Course on Aug 28, 2019
Register now for the Fall 2019 IP Networking Course. This is the only networking course designed specifically for video surveillance...
Mobile Access Control Guide on Aug 28, 2019
One of the biggest trends in access for the last few years has been the marriage of mobile phones and access cards. But how does this...
UK Facewatch GDPR Compliance Questioned on Aug 27, 2019
Even as the GDPR strictly regulates biometrics, a UK company called Facewatch is selling anti-shoplifter facial recognition systems to hundreds of...
ZK Teco Atlas Access Control Tested on Aug 20, 2019
Who needs access specialists? China-based ZKTeco claims its newest access panel 'makes it very easy for anyone to learn and install access control...

Most Recent Industry Reports

Open Access Controller Guide (Axis, HID, Isonas, Mercury) on Sep 19, 2019
In the access control market, there are many software platforms, but only a few companies that make non-proprietary door controllers. Recently,...
Axis Perimeter Defender Improves, Yet Worse Than Dahua and Wyze on Sep 19, 2019
While Axis Perimeter Defender analytics improved from our 2018 testing, the market has improved much faster, with much less expensive offerings...
Directory of 68 Video Surveillance Startups on Sep 18, 2019
This directory provides a list of video surveillance startups to help you see and research what companies are new or not yet broadly known. 2019...
Uniview Prime Series 4K Camera Tested on Sep 18, 2019
Is the new Uniview 'Prime' better than the more expensive existing Uniview 'Pro'? In August, IPVM tested Uniview 4K 'Pro' but members advocated...
US Army Base To Buy Banned Honeywell Surveillance on Sep 17, 2019
The U.S. Army's Fort Gordon, home to their Cyber Center of Excellence, has issued a solicitation to purchase Honeywell products that are US...
Vivotek "Neural Network-Powered Detection Engine" Analytics Tested on Sep 17, 2019
Vivotek has released "a neural network-powered detection engine", named Smart Motion Detection, claiming that "swaying vegetation, vehicles passing...
Schmode is Back, Aims To Turn Boulder AI Into Giant on Sep 16, 2019
One of the most influential and controversial executives in the past decade is back. Bryan Schmode ascended and drove the hypergrowth of Avigilon...
Manufacturers Unhappy With Weak ASIS GSX 2019 And 2020 Shift on Sep 16, 2019
Manufacturers were generally unhappy with ASIS GSX, both for weak 2019 booth traffic and a scheduling shift for the 2020 show, according to a new...
How Cobalt Robotics May Disrupt Security on Sep 13, 2019
While security robots have largely become a joke over the last few years, one organization, Cobalt Robotics, has raised $50+ million from top US...
Panasonic 4K Camera Tested (WV-S2570L) on Sep 13, 2019
Panasonic has released their latest generation 4K dome, the WV-S2570L, claiming "Extreme image quality allows evidence to be captured even under...

What IPVM Is

The world's leading authority on video surveillance, with 200,000+ visits monthly.

  • Articles on cameras, video analytics, VMS, and trends
  • Tests showing actual performance and problems
  • Courses in surveillance, access control, etc
  • Camera Calculator for designing systems

Dedicated To Independence

We're dedicated to staying independent and objective. We're the only industry source to refuse any and all advertisements, sponsorship, and consulting from manufacturers. Why?