Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Authentication Factors

taxonomy

Classification Objective

The objective of this classification is to inventory, characterize and compare authentication factors.

Classification

...

Item

...

Alternative Forms

...

Definition

...

Strengths

...

Weaknesses

...

Sources

...

Something I Know

...

Password

...

Something I Have

...

SMS One-Time Passcode

...

Jover, 2020

...

TODO

  •  Compile a quick version 1 of the list
  •  Complete it with a literature review
  •  List the key properties to characterize items

Authentication Factors

  • Knowledge factor

  • Possession factor

  • Inherence factor

  • Location factor

  • Time factor

Other key dimensions

  • In-band versus out-of-band authentication

  • Front-end versus back-end authentication / direct versus delegated authentication

Authentication Methods

Class

Sub-class

Comments

Sources

Biometric Authentication

Brainwaves

Facial Recognition

Geo-localization (absolute or relative to computer system)

Fingerprint Scan

Gait Biometrics

Hand Gestures

Heartbeats

Iris Scanner

Keystroke Dynamics / Touchstroke Biometrics

Knuckleprint Biometrics

Multi-Modal Biometrics

Palmprint Biometrics

Voice Identification

Certificate-based Authentication

One-Time Passcode

Email OTP

Physical Token OTP

Software / App OTP

SMS OTP

Jover, 2020

TAN Lists

Voice OTP

Password

Graphical Password

Personal Identification Number (PIN)

Text Password

Passphrase

Security Question

Single Sign-On (SSO)

Token-based Authentication

Session authentication

Standards

  •  Compile a list of authentication standards, even obsolete ones, then map these to the authentication methods
  • Challenge Handshake Authentication Protocol (CHAP)

  • Extensible Authentication Protocol (EAP)

  • GrIDsure

  • IP Security (IPSec) 

  • Kerberos

  • Microsoft CHAP (MS-CHAP)

  • Microsoft NTLM

  • OAuth

  • OpenID Connect

  • Password Authentication Protocol (PAP)

  • RADIUS

  • SAML

  • Shiva PAP (SPAP)

  • U2F

  • WebAuthN

Bibliography