Join Mike Chapple for an in-depth discussion in this video Multifactor authentication, part of CompTIA Security+ Exam Prep (SY0-401): Access Control and Identity Management.
- In the last video, you learned how computer systems…offer many different authentication techniques…that allow users to prove their identity.…These include something you know such as a password,…something you are such as a fingerprint,…something you have such as a smartphone,…somewhere you are such as inside a secure building,…and something you do such as your typing rhythm.…When used alone, any one of the techniques…provides some security for systems.…However, they each have their own drawbacks.…
For example, an attacker might steal…a user's password through a phishing attack.…Once they have the password, they can then use it…to assume the user's identity.…Other authentication factors aren't foolproof either.…If you use smart card authentication to implement…something you have, the user may lose the smart card.…Someone coming across it may then impersonate the user.…The solution to this problem is to combine…authentication techniques from multiple factors,…such as combining something you know…with something you have.…
Author Mike Chapple, an IT leader with over 15 years experience, introduces identification methods such as usernames and biometrics, as well as authentication methods to verify users, including multifactor authentication, password authentication, and single sign-on. He also discusses authorization concepts such as mandatory and discretionary access controls, which can help you restrict access to sensitive parts of your network. The course also covers best practices for ongoing account management, such as establishing a good password policy, managing user roles, and monitoring accounts, and what to do when you need to suspend or terminate access.
NOTE: We are now a CompTIA Content Publishing Partner. Our training prepares members to pass CompTIA certification exams and become qualified IT professionals. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Setting policies for usernames and access cards
- Implementing biometrics
- Combining authentication factors for multifactor authentication
- Using a Kerberos access control system
- Using access control lists such as Windows NTFS file permissions
- Role-based authorization
- Implementing account and password policies