Two factor authentication using digital certificates
This post is in relation to a question asked by the reader
Question:
Angus comment on post "Certificate Authority for CISA Exam - its all abou...":
May I ask a question about how Digital certificates (also known as a soft token) can be used for two-factor authentication? Thanks a lot.
May I ask a question about how Digital certificates (also known as a soft token) can be used for two-factor authentication? Thanks a lot.
Answer:
Two factor authentication means use of following two factors:
- Something You have
- Something you are/Something you know
Let us first see what could be the one factor authorization. One factor authorization involves something you know- your user name and password. Best thing would be to combine this to something you have – digital certificate. The combination of these two will make this Two factor authentication.
Following will be the steps for simplest two factor authentication using digital certificate:
- User account is created
- User is linked to an unique digital certificate in the certificate database.
- An unique digital certificate is installed in the user's system.
- Through PKI user's digital certificate is verified and user is allowed to use SSL services.
- By using user name and password created user gains access to the resources.
Benefits of using Digital Certificate for two factor authentication are:
- Lower costs
- Easy to use
- Availability of many standards.
0 comments:
Post a Comment