Authentication as in “authenticate”

* This is part two of a three-part series on passwords

A closer look at the word “authentication” hints at a new and more logical solution to the password puzzle. Authentication comes from the word authenticate or the process of determining whether someone truly is who they say they are. It comes from the Greek word authentikos–original, genuine, principal.

Passwords serve as symbolic representations of an individual like words serve as symbols to denote meaning, but they don’t actually reflect any particular quality of a person.  At the time of registration, the user and their symbol are synched together so from then on, a card and /or password represents them. If the symbol is stolen, the new carrier of the symbol is recognized as the original. Systems have no way of detecting foul play.

A far more authentic representation of individuals is their finger print or voice.  It is an extension of who they truly are and is unique to each individual. Biometrics refers to the identification of human beings by their innate characteristics.

It is considered “good practice” when the factors involved in authentication remain independent of each other. The password stays with the user and a key which is used to unlock data remains with a centralized authority. Only when the user is authorized to access data will they be sent the key to access a system.

An example of effective two factor authentication is a bank that puts a limit on how much money individual cardholders can withdraw on any given day.  When the limit is reached, authorization is no longer granted.

Adding a third or even a fourth factor like a special card may seem wise, but it forces employees to carry around more than a  password. If a card or key is lost, the user will no longer have access and more importantly, their sensitive data will be at risk.

In the final article of this three-part series, we will take a closer look at the viability of implementing biometrics into the authentication process as part of a system’s “access control.”

…authenticate with your own voice
http://cookeyah.com/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s