Advanced Authentication Methods are ways to confirm a user’s identity that go beyond a simple user ID and password by bringing in at least one more dimension of authentication, often called Multi-Factor Authentication (MFA). In MFA, each factor falls into a separate category: what you know, what you have, and what you are.
- What you know: this includes passwords, secret questions, previous addresses, hire dates, bank deposit information, etc.
- What you have: this category includes items like RSA token fobs, cell phone SMS messages, software code generators, etc.
- What you are: this is the biometric factor: fingerprints, retina prints, facial recognition, hand geometry, etc.
A user ID and password is considered a single factor authentication method. Other dimensions, or factors, for authentication bring additional security for higher criticality applications and data. In particular, two-factor authentication is the most common method of Advanced Authentication in use today, although there are systems that require more factors.