Daily Learning - Day 29

Date: 4th March 2017

Below are the topics i learnt today..


Follow Hashtag: #SKC100DaysofLearning


Topic 1: Security - Multi-Factor Authentication 


Multi-factor authentication (MFA) is a method of computer access control in which a user is granted access only after successfully presenting several separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are).






Two-factor authentication (also known as 2FA) is a method of confirming a user's claimed identity by utilizing a combination of two different components. Two-factor authentication is a type of multi-factor authentication.



Real Example:

We login to Gmail or Box, if 2FA is enabled for your account.
After logging to the application with your password, a OTP is sent to your mobile number and email.
Once you enter the OTP and then User should be able to login to the application.

Another Multi-Factor Authentication Example is:
Income Tax India EFiling Website: If we forgot the password of Login.
Unless you enter both the PIN, the user is not accessible to change the password and access the website.

It sends the PIN (Different) for Email and Mobile Number.


Another Way:

In Gmail - Security, We have Access codes where, in case we could not able to receive the OTP due to Network issues. We can use Codes to Login to the application.

Exercise:
List of websites and whether or not they support 2FA.

https://twofactorauth.org/

Popular Posts

JMeter Producing Error: Windows RegCreateKeyEx(...) returned error code 5

Understanding about Contract Testing